One standard mechanism for doing this is to use an Access Control List (ACL), which
is a list of permissions attached to a resource. The list specifies who is allowed access to the resource
and what they may do with it, so it tells the system whether a given user is allowed to view a
particular database record or execute a particular controller action.
Whenever a user wishes to do something, the list is checked to see if they are allowed to perform the desired
action on the desired data item. For example, a user may be allowed to view a news article but be denied
permission to edit it.
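The news-article case above, expressed with Zend_Acl. This is an added example, not a listing from the book: it assumes a Zend Framework 1.x install with the autoloader registered, and the role names ("guest", "editor"), the resource name ("news") and the privilege names are illustrative. Zend_Acl is default-deny, so anything the list does not explicitly allow is refused.

```php
<?php
// Added example (not from the book). Assumes Zend Framework 1.x with
// Zend_Loader_Autoloader registered; role/resource/privilege names are invented.

function buildNewsAcl()
{
    $acl = new Zend_Acl();

    // Who: roles. 'editor' inherits every permission granted to 'guest'.
    $acl->addRole(new Zend_Acl_Role('guest'));
    $acl->addRole(new Zend_Acl_Role('editor'), 'guest');

    // What: the resource being protected.
    $acl->add(new Zend_Acl_Resource('news'));

    // Which action: privileges on the resource. Nothing is allowed until it
    // is listed here, so guests may only view; editors may view (inherited),
    // add and edit; nobody may delete because no rule mentions it.
    $acl->allow('guest', 'news', 'view');
    $acl->allow('editor', 'news', array('add', 'edit'));

    return $acl;
}

// Guard to call at the top of a controller action: refuse unless the list
// explicitly grants the privilege for the current user's role.
function assertAllowed(Zend_Acl $acl, $role, $resource, $privilege)
{
    if (!$acl->isAllowed($role, $resource, $privilege)) {
        throw new Zend_Acl_Exception("$role may not $privilege $resource");
    }
}

$acl = buildNewsAcl();

// A guest may view but not edit; an editor may do both via inheritance.
assertAllowed($acl, 'guest', 'news', 'view');
assertAllowed($acl, 'editor', 'news', 'edit');

try {
    assertAllowed($acl, 'guest', 'news', 'edit');
} catch (Zend_Acl_Exception $e) {
    echo $e->getMessage(), PHP_EOL;   // guest may not edit news
}
```

Keep the role used for the check tied to the authenticated identity (the Zend_Auth section below is where that identity comes from) rather than to anything supplied in the request, and query the ACL in one place such as a front-controller plugin or a base controller, so that a new action cannot be reached without a rule being written for it.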
6.2 Implementing authentication
Now that we know what authentication and authorisation are, we can look at how they are implemented in a
Zend Framework application. We will first look at how to implement authentication with Zend_Auth using
HTTP authentication, and then at how authentication is implemented within a "real-world" application
using a database to hold the user information and sessions to carry that information across multiple page views.
6.2.1 Introducing Zend_Auth
The Zend_Auth component is the part of the framework that deals with authentication. It is separated
into the core component and a set of authentication adapters; the adapters contain the actual mechanisms for
authenticating users, such as HTTP authentication against credentials held in a file, or checking a username and
password against a database table.
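The HTTP-authentication flow just described, as an added example rather than a listing from the book. It assumes a Zend Framework 1.x MVC application with the autoloader registered, a controller named AdminController, a realm "Admin area" and a credentials file at the hypothetical path /var/www/app/data/users.txt, which Zend_Auth_Adapter_Http_Resolver_File reads as one "username:realm:credential" line per user.

```php
<?php
// Added example (not from the book). Assumes ZF 1.x MVC, the autoloader,
// and a users file at /var/www/app/data/users.txt (hypothetical path) with
// lines of the form  username:realm:password  (plain text for Basic).
// Keep that file outside the document root, readable only by the web server.
class AdminController extends Zend_Controller_Action
{
    public function indexAction()
    {
        if (!$this->_httpAuthenticate()) {
            return;   // the 401 challenge is already on the response
        }
        // Zend_Auth stored the adapter's identity (username + realm) on success.
        $identity = Zend_Auth::getInstance()->getIdentity();
        $this->view->username = $identity['username'];
    }

    /**
     * Run HTTP Basic authentication against the users file.
     * Returns true on success. On failure the adapter has already set the
     * 401 status and WWW-Authenticate header, so only the view is suppressed.
     */
    protected function _httpAuthenticate()
    {
        $config = array(
            'accept_schemes' => 'basic',       // 'basic digest' would accept both
            'realm'          => 'Admin area',  // must match the realm field in the file
        );
        $adapter = new Zend_Auth_Adapter_Http($config);
        $adapter->setBasicResolver(
            new Zend_Auth_Adapter_Http_Resolver_File('/var/www/app/data/users.txt')
        );
        // The adapter reads the Authorization header from the request and
        // writes the challenge to the response, so both must be supplied.
        $adapter->setRequest($this->getRequest());
        $adapter->setResponse($this->getResponse());

        // Zend_Auth::authenticate() runs the adapter and, when the result is
        // valid, persists the identity in the default (session) storage.
        $result = Zend_Auth::getInstance()->authenticate($adapter);
        if ($result->isValid()) {
            return true;
        }
        $this->_helper->viewRenderer->setNoRender();
        return false;
    }
}
```

Two caveats a practitioner would want noted: with the Basic scheme the browser resends the base64-encoded password on every request, so this is only acceptable over HTTPS; and the file resolver holds Basic credentials in plain text (and, for Digest, an MD5 of username:realm:password), so it is suited to a small protected area, not to a user base. The database-backed approach in the next section is where salted, hashed passwords and session state belong.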