Multiple authentications

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Multiple authentications

Emmanuel Bouton
Hi all,

In my app I have 3 types of controllers :
 - Public controllers without any authentication
 - SSO Authenticated controllers
 - HTTP Basic Authenticated controllers (for a webservice part)

How should I manage these 2 way of authentication ? In controllers
onDispatch method ? Through events (which one) ?

Said differently, I don't know where I should put this code for both of my
authentication services :

    if (!$authenticationService->hasIdentity()) {
        $authenticationService->authenticate($adapter);
    }

Any ideas ?

Thanks
Emmanuel
Reply | Threaded
Open this post in threaded view
|

Re: Multiple authentications

Emmanuel Bouton
2014-11-07 23:19 GMT+01:00 Emmanuel Bouton <[hidden email]>:

> Hi all,
>
> In my app I have 3 types of controllers :
>  - Public controllers without any authentication
>  - SSO Authenticated controllers
>  - HTTP Basic Authenticated controllers (for a webservice part)
>
> How should I manage these 2 way of authentication ? In controllers
> onDispatch method ? Through events (which one) ?
>
> Said differently, I don't know where I should put this code for both of my
> authentication services :
>

=> Erratum : for both of my adapters ;)


>
>     if (!$authenticationService->hasIdentity()) {
>         $authenticationService->authenticate($adapter);
>     }
>
> Any ideas ?
>
> Thanks
> Emmanuel
>
Reply | Threaded
Open this post in threaded view
|

Re: Multiple authentications

Emmanuel Bouton
Or should I simply check the authentication on top of each my action ? (a
bit repetitive ...)

2014-11-07 23:27 GMT+01:00 Emmanuel Bouton <[hidden email]>:

> 2014-11-07 23:19 GMT+01:00 Emmanuel Bouton <[hidden email]>:
>
>> Hi all,
>>
>> In my app I have 3 types of controllers :
>>  - Public controllers without any authentication
>>  - SSO Authenticated controllers
>>  - HTTP Basic Authenticated controllers (for a webservice part)
>>
>> How should I manage these 2 way of authentication ? In controllers
>> onDispatch method ? Through events (which one) ?
>>
>> Said differently, I don't know where I should put this code for both of
>> my authentication services :
>>
>
> => Erratum : for both of my adapters ;)
>
>
>>
>>     if (!$authenticationService->hasIdentity()) {
>>         $authenticationService->authenticate($adapter);
>>     }
>>
>> Any ideas ?
>>
>> Thanks
>> Emmanuel
>>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Multiple authentications

Marco Pivetta
Hi Emmanuel,

If your controllers implement at least one marker interface or have
something that makes them recognizable at first sight by any automated
security checks, then it's trivial to implement a listener attached to the
SharedEventManager that:

 - listens for the controller's \Zend\Mvc\MvcEvent::EVENT_DISPATCH with a
high priority
 - is attached only to event identifiers representing those "marker
interfaces"

Greets,

Marco Pivetta

http://twitter.com/Ocramius

http://ocramius.github.com/

On 7 November 2014 23:33, Emmanuel Bouton <[hidden email]> wrote:

> Or should I simply check the authentication on top of each my action ? (a
> bit repetitive ...)
>
> 2014-11-07 23:27 GMT+01:00 Emmanuel Bouton <[hidden email]>:
>
> > 2014-11-07 23:19 GMT+01:00 Emmanuel Bouton <[hidden email]>:
> >
> >> Hi all,
> >>
> >> In my app I have 3 types of controllers :
> >>  - Public controllers without any authentication
> >>  - SSO Authenticated controllers
> >>  - HTTP Basic Authenticated controllers (for a webservice part)
> >>
> >> How should I manage these 2 way of authentication ? In controllers
> >> onDispatch method ? Through events (which one) ?
> >>
> >> Said differently, I don't know where I should put this code for both of
> >> my authentication services :
> >>
> >
> > => Erratum : for both of my adapters ;)
> >
> >
> >>
> >>     if (!$authenticationService->hasIdentity()) {
> >>         $authenticationService->authenticate($adapter);
> >>     }
> >>
> >> Any ideas ?
> >>
> >> Thanks
> >> Emmanuel
> >>
> >
> >
>
Reply | Threaded
Open this post in threaded view
|

Re: Multiple authentications

Emmanuel Bouton
Hi Marco,

Thanks a lot, I'll do that :)

Emmanuel

Le lundi 10 novembre 2014, Marco Pivetta <[hidden email]> a écrit :

> Hi Emmanuel,
>
> If your controllers implement at least one marker interface or have
> something that makes them recognizable at first sight by any automated
> security checks, then it's trivial to implement a listener attached to the
> SharedEventManager that:
>
>  - listens for the controller's \Zend\Mvc\MvcEvent::EVENT_DISPATCH with a
> high priority
>  - is attached only to event identifiers representing those "marker
> interfaces"
>
> Greets,
>
> Marco Pivetta
>
> http://twitter.com/Ocramius
>
> http://ocramius.github.com/
>
> On 7 November 2014 23:33, Emmanuel Bouton <[hidden email]
> <javascript:_e(%7B%7D,'cvml','[hidden email]');>> wrote:
>
>> Or should I simply check the authentication on top of each my action ? (a
>> bit repetitive ...)
>>
>> 2014-11-07 23:27 GMT+01:00 Emmanuel Bouton <[hidden email]
>> <javascript:_e(%7B%7D,'cvml','[hidden email]');>>:
>>
>> > 2014-11-07 23:19 GMT+01:00 Emmanuel Bouton <[hidden email]
>> <javascript:_e(%7B%7D,'cvml','[hidden email]');>>:
>> >
>> >> Hi all,
>> >>
>> >> In my app I have 3 types of controllers :
>> >>  - Public controllers without any authentication
>> >>  - SSO Authenticated controllers
>> >>  - HTTP Basic Authenticated controllers (for a webservice part)
>> >>
>> >> How should I manage these 2 way of authentication ? In controllers
>> >> onDispatch method ? Through events (which one) ?
>> >>
>> >> Said differently, I don't know where I should put this code for both of
>> >> my authentication services :
>> >>
>> >
>> > => Erratum : for both of my adapters ;)
>> >
>> >
>> >>
>> >>     if (!$authenticationService->hasIdentity()) {
>> >>         $authenticationService->authenticate($adapter);
>> >>     }
>> >>
>> >> Any ideas ?
>> >>
>> >> Thanks
>> >> Emmanuel
>> >>
>> >
>> >
>>
>
>