Mike, thanks for the reply.
I've come up with something that works for my situation, but it
involves extending the Zend_Auth singleton class (which I know
probably isn't the best way to do things).
I do want to use Zend_Auth since I'm looking for the storage, which
was the oversight in my original logic. I was using the same
namespace in both classes, so of course each instance of the two
separate classes would return that it had an identity since it was
looking to the same session (one of those "oh, duh" moments).
The two types of users will be logging in at separate pages (actually
one is logging in via a 3rd party site that sends back a token).
I'll be able to tell the admins by using $myAuthAdmin->getIdentity()
and other users by $myAuthOtheruser->getIdentity();
This is what I ended up doing. I don't know if is the best way, but
it works:
class My_Auth_Otheruser extends Zend_Auth
{
protected static $_instance = null;
public static function getInstance()
{
if (null === self::$_instance) {
self::$_instance = new self();
self::$_instance->setStorage(new Zend_Auth_Storage_Session
('Auth_Otheruser'));
}
return self::$_instance;
}
}
On Oct 11, 2007, at 9:15 PM, Michael B Allen wrote:
On 10/11/07, Todd Wolaver <[EMAIL PROTECTED]> wrote:
Hello,
I have implemented Zend_Auth for admin users to login and I'm
checking authentication and ACLs in a preDispatch plugin.
Now I need to authenticate a different type of user which has nothing
to do with the admins and uses a totally different storage engine and
auth adapter.
I'm trying to figure out how to keep these users separate and I can't
seem to figure it out.
At this point I'm thinking I need a new class which extends
Zend_Auth, but Zend_Auth being a singleton I'll always get back an
instance of Zend_Auth.
Hi Todd,
Note that you can use Zend_Auth_Adapters directly without using the
Zend_Auth class at all. Zend_Auth just provides a single point from
which you can retrieve information about an authentication.
Even if I extend the class as below, "hasIdentity()" will return
true if the admin has logged in under Zend_Auth:
I don't really understand this. Regardless of how Zend_Auth works, by
what mechanism will you determine if the user really is an admin or
not?
Note that you can of course overload hasIdentity / getIdenity and give
them intelligence about your different authentication mechanisms.
Does anyone have any suggestions on how to implement several
different authentication schemes? Do I need to extend Zend_Auth for
the admin and the other users and not use Zend_Auth directly?
From your description I really don't understand what the problem
really is but here are a few ideas that may or may not be pertinent.
Create a third adapter that negotiates which authentication method
should be used.
Extend Zend_Auth and add a getUser method that returns a bonified
My_User object that may be queried (e.g. $user->isAdmin()).
Mike
--
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
