using of two auth in zend

> hi all,
>
> I have two module: account, admin
>
> I want each of them have their authentication to login...
> for their auth, I created two controller in each module(AuthController.php)
> now we have just hasIdentify to auth.. but how I say it that it is account
> and other is admin...
> now when I login each index module login.......
>
> Admin_IndexController
>     public function init()
>     {
>         /* Initialize action controller here */
>                 $auth = Zend_Auth::getInstance();
>                 if (!$auth->hasIdentity()) {
>                          Zend_Auth::getInstance()->clearIdentity();
>                             $this->_redirect('/admin/auth/login');
>                 }
>                 else{
>                    $this->_forward('index');
>                 }
>     }
>
>
>  How we can implement account login and admin panel login in zend (two
> different authentiation in zend????????)
>
> Thanks,
> Shahrzad Khorrami
>

> You can also simply put in module bootstrap different session name:
> session_name('admin');
>
> 2010/6/5 Aleksey Zapparov <[hidden email]>
>>
>> Hello,
>>
>> Zend_Auth uses Zend_Auth_Storage_Session (by default) to keep
>> auth data. And this storage has it's namespace which is 'Zend_Auth'
>> by default. But you can change Zend_Auth's storage to your one with
>> Zend_Auth::setStorage() method. So you can write something similar
>> inside your bootstrap:
>> http://gist.github.com/426439
>>
>> Alternatively you can extend Zend_Auth like this:
>> http://gist.github.com/426448
>>
>>
>> 2010/6/5 shahrzad khorrami <[hidden email]>:
>> > hi all,
>> >
>> > I have two module: account, admin
>> >
>> > I want each of them have their authentication to login...
>> > for their auth, I created two controller in each
>> > module(AuthController.php)
>> > now we have just hasIdentify to auth.. but how I say it that it is
>> > account
>> > and other is admin...
>> > now when I login each index module login.......
>> >
>> > Admin_IndexController
>> >     public function init()
>> >     {
>> >         /* Initialize action controller here */
>> >                 $auth = Zend_Auth::getInstance();
>> >                 if (!$auth->hasIdentity()) {
>> >                          Zend_Auth::getInstance()->clearIdentity();
>> >                             $this->_redirect('/admin/auth/login');
>> >                 }
>> >                 else{
>> >                    $this->_forward('index');
>> >                 }
>> >     }
>> >
>> >
>> >  How we can implement account login and admin panel login in zend (two
>> > different authentiation in zend????????)
>> >
>> > Thanks,
>> > Shahrzad Khorrami
>> >
>>
>>
>>
>> --
>> Sincerely yours,
>> Aleksey V. Zapparov A.K.A. ixti
>> FSF Member #7118
>> Mobile Phone: +34 617 179 344
>> Homepage: http://www.ixti.ru
>> JID: [hidden email]
>>
>> *Origin: Happy Hacking!
>
>
>
> --
> Aurimas Likas
> tel. +37067730631
> e-mail: [hidden email]
> URLs: http://magento.lt
>

> thanksss...
> I'm testing..but it's an error in bootstrap for using of $request ... we
> can't use of $request in bootstrap :-/
>
> $auth = Zend_Auth::getInstance();
>
> if ('admin' == $request->getModuleName()) {
>     $namespace = Zend_Auth_Storage_Session::NAMESPACE_DEFAULT . '_Admin';
>     $auth->setStorage(new Zend_Auth_Storage_Session($namespace));
> }
>
> .
> .
> .
>
>
> thanks alot,
> shahrzad
>
>

> Hi,
> I think you're using the wrong tool to solve the problem. Auth is just needed
> for authentication: who are you?. The answer to the question if you have
> permission to something is covered in authorization.
>
> Zend_Acl is the thing you need, not two Zend_Auth instances. It's pretty easy
> with two resources (account and admin) and two roles (user and admin, groups
> for the users). Program them static in your plugin and you're future proof for
> further expansion.
>
> Regards, Jurian
> --
> Jurian Sluiman
> CTO Soflomo V.O.F.
> http://soflomo.com
>
> On Wednesday 09 Jun 2010 06:23:13 shahrzad khorrami wrote:
>> wow thanks alot Alekseyyyy I'm going to test... B-) merccccc
>

> Hello,
>
> Very good point of view. Unfortunately it does not related to the topic.
> Topic
> was exactly about authentication, not authorization. I see what do you
> mean
> and I understand why do you think that Zend_Acl will solve the problem.
> But
> problem was not about to separate credentials by roles, but to separate
> authentication scopes.
>
> It was about to provide option to be able to log-in into website as
> admin for one
> particular module and somebody else for all anothers. If you have
> experience
> then you probably saw that there you can log into back-end administration
> panel as admin (or moderator), but you can log into front-end
> administration by
> somebody else.
>
> Why you may need this? Here's simple example why this may be useful. When
> you have built a some kind of CMS, and you have different roles of users,
> and
> your administrator has ability to change scopes of visible areas for
> one role and
> another, you would like to test it "live". With two concerrent
> authentications you
> can achieve this easily simply log into "user's area" as user while be
> staying
> administrator inside "admin's area". With one authentication scope you'll
> need
> to log out and log in back as user to test changes.
>
>
> 2010/6/10 Jurian Sluiman <[hidden email]>:
>> Hi,
>> I think you're using the wrong tool to solve the problem. Auth is just
>> needed
>> for authentication: who are you?. The answer to the question if you have
>> permission to something is covered in authorization.
>>
>> Zend_Acl is the thing you need, not two Zend_Auth instances. It's pretty
>> easy
>> with two resources (account and admin) and two roles (user and admin,
>> groups
>> for the users). Program them static in your plugin and you're future
>> proof for
>> further expansion.
>>
>> Regards, Jurian
>> --
>> Jurian Sluiman
>> CTO Soflomo V.O.F.
>> http://soflomo.com
>>
>> On Wednesday 09 Jun 2010 06:23:13 shahrzad khorrami wrote:
>>> wow thanks alot Alekseyyyy I'm going to test... B-) merccccc
>>
>
>
>
> --
> Sincerely yours,
> Aleksey V. Zapparov A.K.A. ixti
> FSF Member #7118
> Mobile Phone: +34 617 179 344
> Homepage: http://www.ixti.ru
> JID: [hidden email]
>
> *Origin: Happy Hacking!

> Hi,
>
> I have something like that in my current app.
>
> After succesful auth, I store the role (user, poweruser, admin) in the
> identity and another role called as_role.
> All my acl checks are done against as_role except one that is done against
> the true role.
> The check using the true role display some "view as" buttons in the layout
> if role is "admin" and permit changes to as_role.
>
> It's not perfect impersonation as I can't see resources as their owner
> without logging as the owner but I can browse the site as a generic user or
> poweruser without loging out.
>
> Ludwig
>
> --------------------------------------------------
> From: "Aleksey Zapparov" <[hidden email]>
> Sent: Thursday, June 10, 2010 12:33 PM
> To: "Jurian Sluiman" <[hidden email]>
> Cc: <[hidden email]>; "shahrzad khorrami"
> <[hidden email]>
> Subject: Re: [fw-general] using of two auth in zend
>
>> Hello,
>>
>> Very good point of view. Unfortunately it does not related to the topic.
>> Topic
>> was exactly about authentication, not authorization. I see what do you
>> mean
>> and I understand why do you think that Zend_Acl will solve the problem.
>> But
>> problem was not about to separate credentials by roles, but to separate
>> authentication scopes.
>>
>> It was about to provide option to be able to log-in into website as
>> admin for one
>> particular module and somebody else for all anothers. If you have
>> experience
>> then you probably saw that there you can log into back-end administration
>> panel as admin (or moderator), but you can log into front-end
>> administration by
>> somebody else.
>>
>> Why you may need this? Here's simple example why this may be useful. When
>> you have built a some kind of CMS, and you have different roles of users,
>> and
>> your administrator has ability to change scopes of visible areas for
>> one role and
>> another, you would like to test it "live". With two concerrent
>> authentications you
>> can achieve this easily simply log into "user's area" as user while be
>> staying
>> administrator inside "admin's area". With one authentication scope you'll
>> need
>> to log out and log in back as user to test changes.
>>
>>
>> 2010/6/10 Jurian Sluiman <[hidden email]>:
>>>
>>> Hi,
>>> I think you're using the wrong tool to solve the problem. Auth is just
>>> needed
>>> for authentication: who are you?. The answer to the question if you have
>>> permission to something is covered in authorization.
>>>
>>> Zend_Acl is the thing you need, not two Zend_Auth instances. It's pretty
>>> easy
>>> with two resources (account and admin) and two roles (user and admin,
>>> groups
>>> for the users). Program them static in your plugin and you're future
>>> proof for
>>> further expansion.
>>>
>>> Regards, Jurian
>>> --
>>> Jurian Sluiman
>>> CTO Soflomo V.O.F.
>>> http://soflomo.com
>>>
>>> On Wednesday 09 Jun 2010 06:23:13 shahrzad khorrami wrote:
>>>>
>>>> wow thanks alot Alekseyyyy I'm going to test... B-) merccccc
>>>
>>
>>
>>
>> --
>> Sincerely yours,
>> Aleksey V. Zapparov A.K.A. ixti
>> FSF Member #7118
>> Mobile Phone: +34 617 179 344
>> Homepage: http://www.ixti.ru
>> JID: [hidden email]
>>
>> *Origin: Happy Hacking!
>
>