As you can see, HTTP authentication is easy with Zend_Auth_Adapter_Http., however most websites do
not use it. Every public facing, commercial website provides their own login form to identify the user, usually
asking for a username and password. There are a number of reasons for this, the main ones being:
No way to log out other than exiting the browser completely.
It??™s not optional, so you cannot display the page regardless with different content for logged in users.
You cannot change the look and feel or provide additional information within the login dialog box. For
example, you may want to use email address rather than username.
It??™s not clear what to do if you have forgotten your password or do not have an account
Some of these can be worked around using cookies and JavaScript, but the user experience is still not good
enough which is why everyone uses forms and sessions (or cookies). We will now integrate authentication
using a login form and Zend_Auth into the Places application.
6.3 Using Zend_Auth within a real application
As Places is a community web site, the ability for members to be able to be identified is crucial and we have a
users table ready to use. In order to implement authentication, we need a controller action to handle display
and processing of a form to allow the user to enter their username and password.
Pages:
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190