I do this by making my own auth adapter. Once the user logs in, you get all the permissions you need and load them into an array or user object, then, when you return the zend_auth_result, you put that object in as the identity (instead of the string "identity" as the Zend_Auth_Adapter_DbTable uses, for example).
I've also worked out the database driven, multiple roles hierarchy for myself (based on Simon Mundy's example of the Zend_Auth / Zend_Acl http://devzone.zend.com/article/1665-Zend_Acl-Zend_Auth-Example-Scenario) by slightly changing the Zend_Acl_Role object so that the Zend_Auth instance injects the user into the Acl (instead of using a hierarchy of stings as in the examples). When you need to test a permission, you can use a custom assertion to look at the values in the user object and make a determination about whether the user is allowed to access the resource. I'd be happy to share code if anyone is interested. brian On 9/22/07, Jack Sleight <[EMAIL PROTECTED]> wrote: > I've done this by not using the Zend_Auth singleton at all. Instead I > just use the adapter on its own for authentication and then save the > resulting identity object(s) into my own session namespace(s). When I > need to check if someone is logged in I just check if the session > variable is set. Perhaps there is a way to do it using the Zend_Auth > singleton, but I couldn't figure it out, and this is simple enough for me. > > debussy007 wrote: > > Hello ! > > > > I wondered how it was possible for one user to authenticate more than once : > > > > E.g. my web application is composed of several modules. > > default / partners / admin. > > > > And a "partner" can connect as a "member" (default module) at the same time, > > as well as an "admin". > > > > I tought of changing the namespace from Zend_Auth to > > Zend_Member_Auth, Zend_Partner_Auth, Zend_Admin_Auth. > > > > But now I am confused : > > - how can I check for valid identity ccording to the module ? > > (a member connected in the default module cannot access partner > > nor admin module without valid authentication) > > - how can I clear the identity of a specific auth namespace ? > > (if a user logs outs from member module, he must not logs out from > > partner module automatically) > > > > I tought of a solution for this : > > each time the request goes into the bootstrap, I check the module which is > > called, > > and call ...->setStorage(new Zend_Auth_Storage_Session('Zend_XYZ_Auth')); > > according to the module called (XYZ can be Member, Partner or Admin > > according to the module called). > > > > But now I don't really know how to do this. > > > > Maybe I am also totally wrong about the use of the namespace! > > > > Thank you for any help. > > > > -- > Jack >
