On 10/11/07, Todd Wolaver <[EMAIL PROTECTED]> wrote: > Hello, > > I have implemented Zend_Auth for admin users to login and I'm > checking authentication and ACLs in a preDispatch plugin. > > Now I need to authenticate a different type of user which has nothing > to do with the admins and uses a totally different storage engine and > auth adapter. > > I'm trying to figure out how to keep these users separate and I can't > seem to figure it out. > > At this point I'm thinking I need a new class which extends > Zend_Auth, but Zend_Auth being a singleton I'll always get back an > instance of Zend_Auth.
Hi Todd, Note that you can use Zend_Auth_Adapters directly without using the Zend_Auth class at all. Zend_Auth just provides a single point from which you can retrieve information about an authentication. > Even if I extend the class as below, "hasIdentity()" will return > true if the admin has logged in under Zend_Auth: I don't really understand this. Regardless of how Zend_Auth works, by what mechanism will you determine if the user really is an admin or not? Note that you can of course overload hasIdentity / getIdenity and give them intelligence about your different authentication mechanisms. > Does anyone have any suggestions on how to implement several > different authentication schemes? Do I need to extend Zend_Auth for > the admin and the other users and not use Zend_Auth directly? >From your description I really don't understand what the problem really is but here are a few ideas that may or may not be pertinent. Create a third adapter that negotiates which authentication method should be used. Extend Zend_Auth and add a getUser method that returns a bonified My_User object that may be queried (e.g. $user->isAdmin()). Mike -- Michael B Allen PHP Active Directory SPNEGO SSO http://www.ioplex.com/
