Re: Authentication using external users table
On 24 Mag, 14:51, Rob Maurer robmau...@gmail.com wrote: Then it would seem the problem is adding authentication for users from another database table to existing CakePHP Auth/ACL. That's uncharted territory for me. One idea: That is unchartered territory for me too. The problem is that the solution you suggested is not worth all the work necessary to accomplish it. I need to authenticate a single page, I think it is easier to create a one-time link (something like http://.../mypage/22h232g3283c23823c232). Thank you maxx -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Authentication using external users table
Then it would seem the problem is adding authentication for users from another database table to existing CakePHP Auth/ACL. That's uncharted territory for me. One idea: 1. Add your external database table to your CakePHP site as a Model (ExternalUsers). 2. Keep your existing, authenticated users as another Model (InternalUsers). 3. Combine both Models in a third Model (Users) including a 'grouping' field (User.group_id) to differentiate which Model they each come from. 4. Set model Users as AROs in CakePHP Acl. 5. Give Users access to ACOs based (in part) upon the value of User.group_id Rob On May 22, 5:12 pm, emmexx emmeics...@gmail.com wrote: On 22 Mag, 22:15, RobMaurerrobmau...@gmail.com wrote: If I understand your needs as written, it would seem simpler to stay with CakePHP Auth/ACL and create a second tier of permissions for a subset of Users who are also in the Users table. That would handle authentication for you (the way you're already doing) and you would grant those Users access to the create/update/delete views on your models as needed. The problem is that the second group of users has its own table in another database. Those users are managed by another (non-cakephp) program and I'd rather prefer not to mess with it. Furthermore I would like not to manage permissions for those users. They simply need to enter some data in a field, data not that important. And the more the 2 systems are separated, the better. Anyway I'll think about your suggestion. Thank you maxx -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Authentication using external users table
If I understand your needs as written, it would seem simpler to stay
with CakePHP Auth/ACL and create a second tier of permissions for a
subset of Users who are also in the Users table. That would handle
authentication for you (the way you're already doing) and you would
grant those Users access to the create/update/delete views on your
models as needed.
You'd want a field in each record that identifies the User (or Group
of users) that created it, so that in your controller you can verify
that the Auth User matches prior to updating the record.
On May 21, 3:15 am, emmexx emmeics...@gmail.com wrote:
In one cake app I use Auth and Acl to authenticate users, as per
manual.
Now I need to let some users, not listed in users table but in another
database, edit the records of a table. Let's say for clarification
that they should manage their own profile.
What I want to do is:
1. let those users authenticate outside of my app Auth system.
I created a form where those users enter their username and password.
The form is public ($this-Auth-allowedActions = array('mylogin');
2. If their credentials are valid I redirect to a form (a view of the
model they have to edit).
Obviously I want to be sure that when the second form is submitted,
what the server receives is not faked. I mean, I need some kind of
persistence in order to verify that the submitted data comes from an
authenticated user and the data is consistent with the user (a user
can modify only his own profile).
To accomplish that is it enough to create a session key and check it
before saving data?
And what kind of complexity should I implement from a security point
of view? I mean, is it enough to set a simple session key ( e.g.
$this-Session-write('authenticated', true) ) ? Or should I write something
more complex (e.g.hashing of some user data?)
I'm not sure that php/cakephp Session component are enough to
guarantee that the submitted data is coming from the same user
previously authenticated.
Are there better cake methods to accomplish the same goal?
thank you
maxx
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Authentication using external users table
On 22 Mag, 22:15, Rob Maurer robmau...@gmail.com wrote: If I understand your needs as written, it would seem simpler to stay with CakePHP Auth/ACL and create a second tier of permissions for a subset of Users who are also in the Users table. That would handle authentication for you (the way you're already doing) and you would grant those Users access to the create/update/delete views on your models as needed. The problem is that the second group of users has its own table in another database. Those users are managed by another (non-cakephp) program and I'd rather prefer not to mess with it. Furthermore I would like not to manage permissions for those users. They simply need to enter some data in a field, data not that important. And the more the 2 systems are separated, the better. Anyway I'll think about your suggestion. Thank you maxx -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Authentication using external users table
In one cake app I use Auth and Acl to authenticate users, as per
manual.
Now I need to let some users, not listed in users table but in another
database, edit the records of a table. Let's say for clarification
that they should manage their own profile.
What I want to do is:
1. let those users authenticate outside of my app Auth system.
I created a form where those users enter their username and password.
The form is public ($this-Auth-allowedActions = array('mylogin');
2. If their credentials are valid I redirect to a form (a view of the
model they have to edit).
Obviously I want to be sure that when the second form is submitted,
what the server receives is not faked. I mean, I need some kind of
persistence in order to verify that the submitted data comes from an
authenticated user and the data is consistent with the user (a user
can modify only his own profile).
To accomplish that is it enough to create a session key and check it
before saving data?
And what kind of complexity should I implement from a security point
of view? I mean, is it enough to set a simple session key ( e.g. $this-
Session-write('authenticated', true) ) ? Or should I write something
more complex (e.g.hashing of some user data?)
I'm not sure that php/cakephp Session component are enough to
guarantee that the submitted data is coming from the same user
previously authenticated.
Are there better cake methods to accomplish the same goal?
thank you
maxx
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
