Authorization
is the process of providing access to a given resource, such as a web page, to an authenticated user. That is,
authentication is the process of identifying and entity, usually via a token such as a username/password pair,
but could equally be via a fingerprint. Authorization is the process of deciding if the authenticated entity is
allowed to have access to, or perform operations on, a given resource, such as a record from a database.
As there are two separate processes required, the Zend Framework provides two separate components:
Zend_Acl and Zend_Auth. Zend_Auth is used to identify the user and is typically used in conjunction with
Zend_Session to hold that information across multiple page requests (known as token persistence). Zend_Acl
is then uses the authentication token to provide access to private information using the Role Based Access
Control List system.
As is becoming a watchword around here, flexibility is a key design decision within the Zend_Auth
component. There are so many ways to authenticate a user that the Zend_Auth system is built with the
intention that the user will provide their own. The most common scenario of HTTP digest authentication is
provided out of the box, but for any other method, you must create a class that extends Zend_Auth_Adapter.
Pages:
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30