I have based my application upon the Zend Framework. I am using Zend_Auth for authentication, but I'm not sure if Zend_Acl will work for me because, frankly, the examples I've seen are either too simplistic for my needs or confuse me. I'm thinking of elements in my application as Resources and these Resources can have have Privileges. ...
Has anyone succesfully integrated Zend_Auth and Zend_Acl with Zend_Amf_Server? I'am looking for a working example. ...
Friends. I put together a site with Zend_Acl and Zend_Auth and works perfect. The problem comes when I enter a page is not permitted and the site returns to the index page, here are the urls that armed with the helper url zend framework are changed. url(array('module' => 'moduno', 'controller' => 'index', 'action' => 'index'));?>">modun...
Hi, i get sometimes this error: Fatal error: Uncaught exception 'Zend_Session_Exception' with message 'session has already been started by session.auto-start or session_start()' in /www/htdocs/w00a1ed7/autospin/redaktion/library/Zend/Session.php:462 Stack trace: #0 /www/htdocs/w00a1ed7/autospin/redaktion/library/...
Login Form: $authAdapter = Zend_Registry::get('authAdapter'); $authAdapter ->setIdentity($formData['email']) ->setCredential($password) ->setCredential(1); Bootstrap: protected function _initAuth(){ $this->bootstrap('db'); $this->bootstrap('session'); $db = $this->getPluginResource('db')-...
I want to Zend_Auth and Zend_Session to save user sessions and logins information whats the easy and best way for implements following items: 1-Disallow multiple concurrent logins for the specific user 2-List all of all user currently logged in 3-Admin could logout of specific user or destroy specific session Is there any special ...
What I'm trying to do is use Zend_Auth for authentication with the issuing being that the 'identity' is stored in a different table then then 'credential.' I'm able to pass an array for the credential and the identity but when it comes to the actual tables I'm not able to get it to accept the array. It ignores the 2nd table name. I was w...
I am testing authentification functionality of my site. Zend_Auth is using as authorization engine. But auth status remains between tests and I need to write 'logout' in every tearDown. Now everything is all right. But the problem is following. As for I know Zend_Auth uses Zend_Session for storing auth data. So, session is common for al...
Hello! I'm currently working on a new Application using (among other things) Zend_Auth but, for whatever reason, this Error Message is showing up at any location totally randomly (or so it seams) Zend_Session::start() - /home/hannes/workspace/develop/library/Zend/Session.php(Line:480): Error #8 session_start() [function.session-start]:...
I am working with Zend_Auth and cookie/session persistence. I can't seem to figure out how to force an authentication with this class. Is there any way to force Zend_Auth to believe it has authenticated as a user? ...
Hello all, I am pretty new to the Zend framework and looking to build an application with pretty tight password security. I have been trying to follow the user guides in relation to password salting but haven't had any luck so far. I have setup my database and table adapter (As described in the documentation on the Zend Framework site...
I'm working on the login system for a php web app. I'm aware of the dangers of rolling your own system, so I'm hoping to use a pre-built library of some kind. I have seen zend_auth recommended in several places. I have also heard that zend_auth can be used independent of the rest of the Zend framework. This would be preferable, as my...
I have an application that is behind a login and utilizes zend_acl and zend_auth. During pre-dispatch I have an ACL plugin that creates all the rules out for the ACL. I also have an Auth plugin that checks if you're logged in or not and if so if you have access to the requested resource according to the ACL. As the application is entir...
I am using Zend_Auth for authentication in a web portal. A normal mySQL "users" table with a login and password column gets queried against, and a user logged in. However, I have two additional groups of users that I want to authenticate. All three of these user groups have their logon data in other tables. Their data is coming from ex...
i have 2 sites (example.com, ex2.com). Fisical is a 1 site with 1 db. When user sing in ex2.com, he was sing in example.com too. How do this? P.S. Can do this with ZF? I found a very interesting article on this topic. The author gives some ideas how to implement Multidomain authentication. http://codeutopia.net/blog/2008/09/25/sharing-...
I was wondering if it was at all possible to create a rss(or atom) feed with Zend_Feed that would be on a secured website (With Zend_Auth). How would users be able to subscribe to my feed? How would feedreaders handle authentification? Is there any pitfalls I should be aware of (one I can think of is users who use outlook, IE, and ot...
Hi, on my project website users are able to login and move from page to page on my site by being logged in. so they do not have to log in again for moving to another section on my page. to achieve that I use the storage of Zend_Auth. Following code shows how I write storage: $authAdapter->setIdentity($email) ->setCredential($p...
I'm using Zend_Auth with setCredentialTreatment to set the hash method and salt. I see all examples doing something like this, where the salt seems to be inserted as a text. ->setCredentialTreatment('SHA1(CONCAT(?,salt))' but my salt is stored in the database. I could retrieve it first then use it in setCredentialTreatment but is t...
I am currently exploring Zend_Auth, part of Zend Framework, but am dissapointed with the lack of more advanced features such as nonces, authentication tokens, lock-out, etc. In one of my recent projects, I implemented an authentication and ACL (Access Control List) scheme that has the following features: Salted hashes Automatic IP addr...
I am working on an existing project that has two areas that can be logged into. An admin section and the front end. Currently the admin section has a login action and the front end has its own login action. Admin logs in using a database table specifically for admin accounts, the front end is logged in using a different table all toget...