4

Hi i am new to ZF2 and i am trying to understand the main concepts by creating an extended application to learn all about ZF2 and test my knowledge.

Please forgive me if my questions sound stupid or if i didnt get some things along the way when using things, i try to learn while i go.

At this point i want to integrate Authentication and ACL to my project and i need some questions answered for my general understanding of how this process works and how i can use it.

I already integrated a Login Form so i can Authenticate, and it is possible for me to do so, a PHP Session Cookie is created and i can identify a user through hasIdentity() in the AuthService.

As i am about to create ACL, of which i read the documentation and think i understood it, how am i able to check on every page request of my application if a user has access to certain pages/controllers etc.

From what i read and think it must be in the bootstrap of the module, so that on every page load the user is identified and ACL is checked for access. if the user has the right he is granted access and requested page i loaded but if he doesnt have access he gets redirected to any other page (index/index or error page etc.)

But so far i couldnt find any useful tutorial or really good advice on how to create a bootstrap for my module and how to realise that pre-load access check.

are there any useful articles (with code pls for better understanding) or tutorials on how to make auth acl and module bootstrap work and work together? Are there any other things that i must take care of when trying to get my user system to work?

thanks in advance for any advice!

happy new year btw :)

José Marquez
  • 75
  • 9
  • 3
    I hope someone will be able to provide background information, but as long as thats not the case you may want to check out the source-codes of ZfcUser (https://github.com/ZF-Commons/ZfcUser) and Bjyuthorize (https://github.com/bjyoungblood/BjyAuthorize) – Sam Jan 01 '13 at 05:27
  • do these modules provide that funcionality that i look for? – José Marquez Jan 01 '13 at 06:36
  • 3
    Yes, i wouldn't tell u to look into them otherwise ;) – Sam Jan 01 '13 at 06:43
  • 3
    Yes, like Sam I would really advise you to look at ZfcUser and BjyAuthorize. Those modules provide Authentication (ZfcUser: "who are you?") and Authorization (BjyAuthorize: "are you allowed to?"). Those modules are maintained and used by a large userbase, so you'd probably better off to use them too. – Jurian Sluiman Jan 01 '13 at 09:22
  • Just using a module is not going to help him to learn the concept very though :) I've just written an app using the ACL so i'll post an example asap – Andrew Feb 25 '13 at 09:27
  • Try this http://p0l0.binware.org/index.php/2012/02/18/zend-framework-2-authentication-acl-using-eventmanager/ (but you probably found that one already). it's not the most up-to-date tutorial but i helped me figuring out alot of stuff. Also i learned alot from looking in the code of the project that sam linked to. – Ponsjuh Apr 17 '13 at 13:10

1 Answers1

0

Ive been working on the same problem recently and i came across a tutorial that can be modified to bootstrap some auth checks.

http://akrabat.com/zend-framework-2/simple-logging-of-zf2-exceptions/

I hope this helps :)

mic
  • 1,251
  • 2
  • 15
  • 33