Re: Authentication using external users table
On 24 Mag, 14:51, Rob Maurer robmau...@gmail.com wrote: Then it would seem the problem is adding authentication for users from another database table to existing CakePHP Auth/ACL. That's uncharted territory for me. One idea: That is unchartered territory for me too. The problem is that the solution you suggested is not worth all the work necessary to accomplish it. I need to authenticate a single page, I think it is easier to create a one-time link (something like http://.../mypage/22h232g3283c23823c232). Thank you maxx -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Authentication using external users table
Then it would seem the problem is adding authentication for users from another database table to existing CakePHP Auth/ACL. That's uncharted territory for me. One idea: 1. Add your external database table to your CakePHP site as a Model (ExternalUsers). 2. Keep your existing, authenticated users as another Model (InternalUsers). 3. Combine both Models in a third Model (Users) including a 'grouping' field (User.group_id) to differentiate which Model they each come from. 4. Set model Users as AROs in CakePHP Acl. 5. Give Users access to ACOs based (in part) upon the value of User.group_id Rob On May 22, 5:12 pm, emmexx emmeics...@gmail.com wrote: On 22 Mag, 22:15, RobMaurerrobmau...@gmail.com wrote: If I understand your needs as written, it would seem simpler to stay with CakePHP Auth/ACL and create a second tier of permissions for a subset of Users who are also in the Users table. That would handle authentication for you (the way you're already doing) and you would grant those Users access to the create/update/delete views on your models as needed. The problem is that the second group of users has its own table in another database. Those users are managed by another (non-cakephp) program and I'd rather prefer not to mess with it. Furthermore I would like not to manage permissions for those users. They simply need to enter some data in a field, data not that important. And the more the 2 systems are separated, the better. Anyway I'll think about your suggestion. Thank you maxx -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Authentication using external users table
If I understand your needs as written, it would seem simpler to stay with CakePHP Auth/ACL and create a second tier of permissions for a subset of Users who are also in the Users table. That would handle authentication for you (the way you're already doing) and you would grant those Users access to the create/update/delete views on your models as needed. You'd want a field in each record that identifies the User (or Group of users) that created it, so that in your controller you can verify that the Auth User matches prior to updating the record. On May 21, 3:15 am, emmexx emmeics...@gmail.com wrote: In one cake app I use Auth and Acl to authenticate users, as per manual. Now I need to let some users, not listed in users table but in another database, edit the records of a table. Let's say for clarification that they should manage their own profile. What I want to do is: 1. let those users authenticate outside of my app Auth system. I created a form where those users enter their username and password. The form is public ($this-Auth-allowedActions = array('mylogin'); 2. If their credentials are valid I redirect to a form (a view of the model they have to edit). Obviously I want to be sure that when the second form is submitted, what the server receives is not faked. I mean, I need some kind of persistence in order to verify that the submitted data comes from an authenticated user and the data is consistent with the user (a user can modify only his own profile). To accomplish that is it enough to create a session key and check it before saving data? And what kind of complexity should I implement from a security point of view? I mean, is it enough to set a simple session key ( e.g. $this-Session-write('authenticated', true) ) ? Or should I write something more complex (e.g.hashing of some user data?) I'm not sure that php/cakephp Session component are enough to guarantee that the submitted data is coming from the same user previously authenticated. Are there better cake methods to accomplish the same goal? thank you maxx -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Authentication using external users table
On 22 Mag, 22:15, Rob Maurer robmau...@gmail.com wrote: If I understand your needs as written, it would seem simpler to stay with CakePHP Auth/ACL and create a second tier of permissions for a subset of Users who are also in the Users table. That would handle authentication for you (the way you're already doing) and you would grant those Users access to the create/update/delete views on your models as needed. The problem is that the second group of users has its own table in another database. Those users are managed by another (non-cakephp) program and I'd rather prefer not to mess with it. Furthermore I would like not to manage permissions for those users. They simply need to enter some data in a field, data not that important. And the more the 2 systems are separated, the better. Anyway I'll think about your suggestion. Thank you maxx -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Authentication using external users table
In one cake app I use Auth and Acl to authenticate users, as per manual. Now I need to let some users, not listed in users table but in another database, edit the records of a table. Let's say for clarification that they should manage their own profile. What I want to do is: 1. let those users authenticate outside of my app Auth system. I created a form where those users enter their username and password. The form is public ($this-Auth-allowedActions = array('mylogin'); 2. If their credentials are valid I redirect to a form (a view of the model they have to edit). Obviously I want to be sure that when the second form is submitted, what the server receives is not faked. I mean, I need some kind of persistence in order to verify that the submitted data comes from an authenticated user and the data is consistent with the user (a user can modify only his own profile). To accomplish that is it enough to create a session key and check it before saving data? And what kind of complexity should I implement from a security point of view? I mean, is it enough to set a simple session key ( e.g. $this- Session-write('authenticated', true) ) ? Or should I write something more complex (e.g.hashing of some user data?) I'm not sure that php/cakephp Session component are enough to guarantee that the submitted data is coming from the same user previously authenticated. Are there better cake methods to accomplish the same goal? thank you maxx -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php