[nycphp-talk] What UserLogin/Auth mechanism do you use ?
Ophir Prusak
lists at prusak.com
Fri Dec 12 09:21:31 EST 2003
I haven't played with it yet, but this looks interesting:
http://phpgacl.sourceforge.net/
----- Original Message -----
From: "Mark Armendariz" <nyphp at enobrev.com>
To: "'NYPHP Talk'" <talk at lists.nyphp.org>
Sent: Friday, December 12, 2003 1:08 AM
Subject: RE: [nycphp-talk] What UserLogin/Auth mechanism do you use ?
> You make a good point. I guess the reason they seem to have come together
> in my mind is a current job for instance. Where I have user groups who
are
> allowed to log into site a and some into site b and some who can log into
> both. And THEN they are allowed more detailed permissions within the
sites.
> I wouldn't have an issue using 2 libraries by any means but they seem as
if
> they would access similar funtionality, as well as the same data. Maybe I
> could have them bot hextend a user class of sorts (althouhg I'm still
> questioning if I want to use DAO classes, vs. sql in the classes.
>
> On a similar note, do you know of any good examples of an access control
> class? I have some ideas of how I might do it, but no need to recreate
the
> wheel, if at least while planning as im anal about writing my own stuff.
>
> Mark
>
> -----Original Message-----
> From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
On
> Behalf Of felix zaslavskiy
> Sent: Thursday, December 11, 2003 11:45 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] What UserLogin/Auth mechanism do you use ?
>
> I was thinkig in terms of general security functions we have
Authentication
> and Access Controls. The system has to store representations of users
> identities. Groups are also representations of users because they users
who
> represent many users. The function of authentication is for users from
> outside the system to prove who they are. On the other Access Controls is
a
> function that is separate from Authentication. System can store the rules
> for access controls as permissions. Would it not make sence to place those
> two functions in two separate modules or libraries instead of bunching it
> all in one place?
>
> On Thu, 11 Dec 2003 23:05:56 -0500
> "Mark Armendariz" <nyphp at enobrev.com> wrote:
>
> > Yeah, I'm not 100% behind their implementation, but it touches on
> > quite a bit, and actaully a fun read in comparison to a good dea lof
> > code I run into. BY control I meant by adding permissions and group
> > control to my current class, rather than just logged in / not and
> > basic session management.
> >
> > -----Original Message-----
> > From: talk-bounces at lists.nyphp.org
> > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of felix zaslavskiy
> > Sent: Thursday, December 11, 2003 10:44 PM
> > To: NYPHP Talk
> > Subject: Re: [nycphp-talk] What UserLogin/Auth mechanism do you use ?
> >
> >
> > > I'm actaully also interested as I'm in the process of rebuilding my
> > > login class to fit a larger scheme of control and some better
> > > security
> > options.
> > What do you mean by larger scheme of control ?
> >
> >
> > > I'd originally learned a lot about php authentication through sites
> > > as well as PAT's patUser class
> > > (http://www.php-tools.de/site.php?file=patUser/overview.xml),
> >
> > I took a look at it and its very well writen. I like and dont like
> > some things arount it because.
> >
> > > which is one
> > > of the better one's I've personally read over.
> > >
> > > Mark
> > >
> > > -----Original Message-----
> > > From: talk-bounces at lists.nyphp.org
> > > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of felix zaslavskiy
> > > Sent: Thursday, December 11, 2003 9:00 PM
> > > To: talk at lists.nyphp.org
> > > Subject: [nycphp-talk] What UserLogin/Auth mechanism do you use ?
> > >
> > > I was wondering what people find most convinient for to do this ? Do
> > > you use just php sessions with few own helper functions,
> > > PEAR::Auth,other library, or completely homegrown ?
> > >
> > > I personaly find php sessions a bit aukward to use because of the a
> > > bit none-intuative api that it has.
> > >
> > > Felix
> > > _______________________________________________
> > > talk mailing list
> > > talk at lists.nyphp.org
> > > http://lists.nyphp.org/mailman/listinfo/talk
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > talk mailing list
> > > talk at lists.nyphp.org
> > > http://lists.nyphp.org/mailman/listinfo/talk
> > >
> >
> >
> > _______________________________________________
> > talk mailing list
> > talk at lists.nyphp.org
> > http://lists.nyphp.org/mailman/listinfo/talk
> >
> >
> >
> >
> > _______________________________________________
> > talk mailing list
> > talk at lists.nyphp.org
> > http://lists.nyphp.org/mailman/listinfo/talk
> >
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
>
>
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
>
More information about the talk
mailing list