1: The standard Http login box provided by a web browser.
Using this login system within your web application has the benefit of familiarity for the user at the
expense of there being no easy way to log out. Let??™s look at how we implement HTTP authentication using
Zend_Auth.
To authenticate someone, the process is to create an instance of an Auth Adapter and then authenticate
using Zend_Auth??™s authenticate() function.
$authAdapter = new Zend_Auth_Adapter_Http();
// set up $authAdapter so that it knows what to do
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($authAdapter);
The HTTP authentication protocol assumes that the pages that you want to protect are grouped into a
realm, which is displayed to the user. For example, in Figure 6.1, the realm is ???My Protected Area???. The name
of the realm must be provided to the Zend_Auth_Adapter_Http adapter and we must also create a resolver
class to provide the password for a given username. The resolver class decouples the mechanism for
authentication from the mechanics of retrieving the username and password from the user and generally would
read the password from a database or file. A flowchart that describes the process is shown in Figure 6.2
Licensed to Menshu You
Pages:
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187