crypto map myclientmap client authentication list vpnusers
This is for user authentication of the vpn connection, ie what we call xauth.
If you don't have aaa configured either pointing to local or a radius server then your method list is basically pointing to none, thus there would be no user authentication, just group authentication.
crypto map myclientmap isakmp authorization list vpngroup
This is for group authentication, and within the group itself you define the parameters in mode config, ie things you push to the client, like ip address, dns, wins and the like. Again if you don't define aaa it defaults to local, so you define it locally, you could also define the group externally.
More info on:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t8/ftunity.htm