Custom Auth Login Problem

Mon, 25 Feb 2008 09:17:03 -0800 

Hi,

I've created an Ldap component that connects to an Active directory
server to do authentication. The ldap componet works well and I'm
using it for a number of applications.

I created a custom authentication component (MyAuth) that overrides
the isAuthorized and hashPasswords function.  MyAuth also contains a
login function.  This function checks with the database to see if a
user should be authenticated via the password in the database or the
active directory.

My app_controller looks like so:
    function beforeFilter()
    {
        if (isset($this->Auth))
        {
            $this->Auth->userScope = array('User.active' => 'True');
            $this->Auth->fields = array('username' => 'username',
'password' => 'password');
            $this->Auth->loginAction = '/users/login';
            $this->Auth->logoutRedirect = '/users/index';
            $this->Auth->authError = 'You are not authorized to access
that location.';
            $this->Auth->autoRedirect = false;
            $this->Auth->authorize = 'object';
            $this->Auth->object = $this->MyAuth;
            $this->Auth->authenticate = $this->MyAuth;
            $this->Auth->loginRedirect = $this->Session-
>read('Auth.from');
            //$this->Auth->allow('*');  // for testing only
        }
    }

My Users/login function looks like this:
    function login()
    {
        $user_id = $this->Auth->user('id');
        if (!empty($user_id) && $this->Session->valid())
        {
            $this->redirect('/users/index');
        }
        if (!empty($this->data))
        {
            if (!$this->MyAuth->login($this->data))
            {
                $this->set('error_code', -2);
            }
            else
            {
                $this->redirect('/users/index');
            }
        }
    }

The problem is that Auth->startup is called before $this->MyAuth-
>login().  The Auth startup automatically tries to do Auth->login if
there is a username and password.  In most cases this is fine except
when I have a user with a password in the database and that user is
also set to authenticate via the active directory.

Is there anyway I can force cake to use my authentication only?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake 
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to