How it is going:
1. {Zend_Auth}->authenticate($adapter);
2. in Zend_Auth::authenticate():
$this->getStorage()->write($result->getIdentity());
3. in Zend_Auth_Storage_Session::write():
$this->_session->{$this->_member} = $contents;
4. in Zend_Session_Namespace::__set():
$name = (string) $name;
$_SESSION[$this->_namespace][$name] = $value;
And when object is loaded:
1. {Zend_Auth}->getIdentity();
2. in Zend_Auth::getIdentity():
return $storage->read();
3. in Zend_Auth_Storage_Session::read():
return $this->_session->{$this->_member};
4. in Zend_Session_Namespace::__get():
return parent::_namespaceGet($this->_namespace, $name);
5. in Zend_Session_Abstract::_namespaceGet():
return $_SESSION[$namespace][$name];
So, there is no serialize/deserialze in default classes and object-based
identity fails.
The best what I see now is to lookup user information from the database on
each request. It have the benefit when user's permissions are changed, they
should not relogin to apply the changes.
Sincerely,
On 4/10/07, Simon Mundy <[EMAIL PROTECTED]> wrote:
I'll double-check but I'm sure that the DB row will serialise/unserialise
without any problems - you should be fine with the default storage.
Cheers
Thank you!
But where the question arise:
authenticate($adapter) then saves the identity in the storage and default
storage is session-based storage. This storage accepts only strings, as I
understand. So before the example below can work I should change the storage
too?
Sincerely,
--
Simon Mundy | Director | PEPTOLAB
""" " "" """""" "" "" """"""" " "" """"" " """"" " """""" "" "
202/258 Flinders Lane | Melbourne | Victoria | Australia | 3000
Voice +61 (0) 3 9654 4324 | Mobile 0438 046 061 | Fax +61 (0) 3 9654 4124
http://www.peptolab.com
--
Alexander
http://www.alexatnet.com/ - Blog and CMS created with Zend Framework and
Ajax.
