views: 403
answers: 1
I have a main site, example.com, where users can register and log in, or just log in with OpenID. Logged-in users can create their own sites with subdomains like mysite.example.com. Every user can have multiple sites. Every site is a CakePHP app. Every Cake app has its own ACL.

How do I deploy authorization so that users logged in to the main site are also logged in to their own sites?

+1  A: 

Two main requirements here:

  1. Client-side cookie needs to be valid for all applications

    Check the cookie set by CakePHP on the client side (FireCookie is good for this). The domain part of the cookie needs to read .example.com (not www.example.com) in order for it to apply to subdomains. This might work in bootstrap.php:

    ini_set('session.cookie_domain', '.example.com');
    
  2. Server-side session storage needs to be accessible by all applications

    In core.php for each application, set a common session storage. Options are:

    • php: This will use the PHP defined session storage directory, which should be the same for all applications.
    • database: If all applications use the same database, this could be an option.
    • cake: For this to work, you would need to define a common /tmp directory for each application.
deizel
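The two requirements from the answer above, written out as a single bootstrap.php fragment for a CakePHP 1.x application. This is an added example, not code from the answer or from the CakePHP project; the domain example.com, the session directory /var/lib/php/sessions, and the helper sessionCookieCovers() are assumptions made for the illustration. Because a cookie scoped to the parent domain is delivered to every subdomain, the fragment also sets the HttpOnly and Secure flags so that the shared session id is not exposed to page scripts or plaintext requests on any of those hosts.

```php
<?php
// Added example, not from the original answer or from CakePHP itself.
// Goes in app/config/bootstrap.php of EACH application under *.example.com.
// Assumed values: the domain example.com and the shared directory below.

// Requirement 1 (client side): scope the cookie to the parent domain, with a
// leading dot, so that every subdomain application receives the same cookie.
ini_set('session.cookie_domain', '.example.com');

// A parent-scoped cookie is sent to every subdomain, so keep it out of reach
// of page scripts (HttpOnly) and off unencrypted connections (Secure).
ini_set('session.cookie_httponly', 1);
ini_set('session.cookie_secure', 1);

// Requirement 2 (server side): every application must read and write the same
// session store. With Session.save = 'php', storage is PHP's own handler, so
// all applications must point at one shared save_path (assumed path below).
ini_set('session.save_path', '/var/lib/php/sessions');
Configure::write('Session.save', 'php');

// The alternative named in the answer: one shared database table.
// Configure::write('Session.save', 'database');
// Configure::write('Session.database', 'default');
// Configure::write('Session.table', 'cake_sessions');

// Every application must also agree on the cookie name and lifetime, or each
// will look for a cookie of its own and never see the shared one.
Configure::write('Session.cookie', 'CAKEPHP');
Configure::write('Session.timeout', '120');

/**
 * Hypothetical setup check: does the cookie domain in effect cover $host?
 * Applies the RFC 6265 domain-match rule: the host equals the cookie domain,
 * or ends with "." followed by the cookie domain (leading dot ignored).
 * Call it from a controller during deployment to confirm the setting took.
 */
function sessionCookieCovers($host, $cookieDomain = null) {
    if ($cookieDomain === null) {
        $cookieDomain = ini_get('session.cookie_domain');
    }
    $domain = ltrim(strtolower($cookieDomain), '.');
    $host   = strtolower($host);
    $suffix = '.' . $domain;
    return $host === $domain
        || substr($host, -strlen($suffix)) === $suffix;
}
```

With the setting above, sessionCookieCovers('mysite.example.com') is true and so is sessionCookieCovers('example.com'); passing 'www.example.com' as the cookie domain makes the first call false, which is the misconfiguration the answer warns about. Note that ini_set() only has an effect if it runs before the session is started, which is why the fragment belongs in bootstrap.php rather than in a controller.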
Here are my thoughts. ini_set('session.cookie_domain', '.example.com') - for that I think you only need Configure::write('Security.level', 'low');. As to 2 (server side), enabling common session storage for all applications means that you would have to control access to applications at the application level, and that could mess with your ACL. I figured out that the best way would be to store sessions in the database on a per-application basis and distribute them throughout the system to the other applications that belong to the given user.