6.1 Introducing Authentication and Authorisation
There are two different processes involved when it comes to allowing a user access to specific pages on a
website. Authentication is the process of identifying an individual based on their credentials (usually username
and password) and authorisation is the process of deciding if the user is allowed to do something. The Zend
Framework's two components, Zend_Auth and Zend_Acl, provide comprehensive support for all aspects of
authentication and authorisation for websites.
Because you must know who the user is before you can decide what they are allowed to do, authentication
must occur before authorisation, and so we will look at authentication and Zend_Auth first, before looking at Zend_Acl.
6.1.1 What is authentication?
Authentication is the process of deciding if someone is who they say they are. There are three
ways to recognise a user, which are known as "factors":
Something they know: password, PIN, etc.
Something they have: driving licence, credit card, etc.
Something they are: fingerprints, typing patterns, etc.
When you buy something from a shop using a credit card, two factors are used: "have" (the credit card in
your pocket) and "know" (the PIN). For pretty much every website out there (including online banks)
the "know" factor is the only mechanism used to identify a user.