I too am a relative n00b but I don't think that's the only problem with this tutorial. For one thing, it's dated. You don't need to implement your own Identity plugin because ZF2 already provides: http://zf2.readthedocs.org/en/latest/modules/zend.mvc.plugins.html#zend-mvc-controller-plugins-identity.
As to Slavey's book: it's really good ( https://www.amazon.com/review/R38Z5NJEX0UP0R/ref=cm_cr_rdp_perm?ie=UTF8&ASIN=1492372218). I also like http://www.masterzendframework.com/ and https://samsonasik.wordpress.com/ On Wed, Feb 24, 2016 at 1:21 AM, Simon Walter <[email protected]> wrote: > Hi all, > > I noticed that the HTTP response codes I get back are not the same as when > running the stack via Apache. I noticed also a few other strange things > such as content when I expected no content. > > It then lead me to inspect packets. What I found was that my protected > areas were indeed accessible. > > The fault lies in the way I was redirecting users to the login page. I had > followed this tutorial: > > http://p0l0.binware.org/index.php/2012/02/18/zend-framework-2-authentication-acl-using-eventmanager/ > > I just want to caution others who may have done so and have copied this > buggy code. I've left a comment on the page as well: > > http://p0l0.binware.org/index.php/2012/02/18/zend-framework-2-authentication-acl-using-eventmanager/#comment-91368 > > Looking at Slavey's book, I see that much of what Marco has done in his > tutorial is over engineered. > > I will chance a n00b guess that because the controller and action are not > reset to something else, the original route is still followed even though a > 302 is sent with a new location. > > I will refrain from drawing any more n00b conclusions and ask what you all > think. > > Kind regards, > > Simon > > -- > List: [email protected] > Info: http://framework.zend.com/archives > Unsubscribe: [email protected] > > > -- David Mintz http://davidmintz.org/ Human needs before private profit: http://socialequality.com/
