On Wed, Apr 30, 2008 at 12:12 PM, cjant83 <[EMAIL PROTECTED]> wrote: > > I wouldnt like to do this either (requesting just a password). Another > thought.... by 'salting' the password you could avoid a message popping up > if the users chose the same password.
Yes, but I don't see how this solve the problem. Two people can now have the same password, sure (because technically there different passwords in the database). But, when someone attempts to login using just that password (without providing a username) how do you know which users' salt to use? > > > Chris. > > > > > > bradley.holt wrote: > > > > On Wed, Apr 30, 2008 at 11:59 AM, Chris Jones <[EMAIL PROTECTED]> wrote: > > > >> My suggestion would be to set everything up as if you required a > >> username and password; a column in your users table for a > >> id,username,password. On the front end only have a password field for > >> the user to complete. > >> > >> In your auth controller instead of passing a value into > >> setIdentity($username) from a form, pass the password > >> > >> setIdentity($password); > >> > >> Every user in your users table would have the same value in the > >> username and password column. By doing this each 'user' would be > >> unique as you could assign an id to them. > >> > >> The problem is someone might choose the same password. The way around > >> this would be to make a check when you register a new user or setup a > >> new password that the value is unique. > > > > > > For this reason, I would ask Denis to question the spec here. It seems > to > > me > > that only requiring a password is a *really bad* idea. As soon as a user > > is > > told they need to pick a different password because one is already in > use, > > they can now login as that other user! > > > > > >> > >> > >> Dont know if thats the best way, but what came to my mind. If it > >> doesnt make sense let me know ill try explain better :) > >> > >> Chris. > >> > >> > >> > >> > >> 2008/4/30 Denis Fohl <[EMAIL PROTECTED]>: > >> > Hi all, > >> > > >> > i'm trying to simplify the authentification process as my client > would > >> like > >> > to have only one input field to fill with password. > >> > > >> > As it is documented, the identity column must contain unique values > >> but, > >> in > >> > this case, the identity should be the same for each user. > >> > > >> > Is there a way to do so ? > >> > > >> > Thank you. > >> > > >> > Denis. > >> > > >> > > >> > > >> > >> > >> > >> -- > >> Chris. > >> > > > > > > > > -- > > Bradley Holt > > [EMAIL PROTECTED] > > > > > > -- > View this message in context: > http://www.nabble.com/authenticate-only-with-password-with-database-adapter---tp16979051p16986302.html > Sent from the Zend Framework mailing list archive at Nabble.com. > > -- Bradley Holt [EMAIL PROTECTED]
