php - Using Zend_Auth to secure all controllers -

-

how globally secure controllers (except login controller) ensure application secure @ points (no hidden backdoor ajax calls, etc). thought might put in bootstrap file, doesn't feel right? i'm trying avoid adding code each controller.

suggestions?

edit: complement of @singles response.

you must understand there 2 different things. auth , acl. auth tells user, , can example redirect user having no auth login controller, , set auth identity after login. acl system take yes/no decisions based on auth data (could user id or role, stored in auth storage.

on nice solution have 2 controllers plugins (registered in order on bootstrap, auth acl). if not use controller plugins you'll have call acl check in each controller, when needed. if need it, use plugins.

implement predispatch() in auth plugin set example anonymous identity if have no identity return zend_auth. code snippet of real one:

public function predispatch(zend_controller_request_abstract $request) {     $module = $request->getmodulename();     $controller = $request->getcontrollername();     $action = $request->getactionname();     $auth = zend_auth::getinstance();     if (!$auth->hasidentity()) {         // set default anonymous identity         $auth->getstorage()->write(array('name' => 'anonymous','role' => 1,));     } (...)

and acl controller plugin task in predispatch(). can launch acl check each requested url (so each user request, ajax). here's partial snippet, example of how handle things:

public function predispatch(zend_controller_request_abstract $request) {     $controller = $request->controller;     $module = $request->module;     $action = $request->action;     // here should code nice retrieving zend_acl object     // caching options maybe, building roles, ressources, etc     $this->_acl = $this->getacl();      if (!$this->_acl->iscurrentuserallowed($module,'see')) {         $auth = zend_auth::getinstance();     $identity  = $auth->hasidentity('identity')? $auth->getidentity() : null;     if(isset($identity)) {             if($identity['name'] == 'anonymous') {                 // warning: avoid infinite redirect loops on login page                 if (!($request->getcontrollername() == 'login'                      && $request->getactionname()=='login'                      && $request->getmodulename() == 'default')) {                         $request->setcontrollername('login')                ->setactionname('login')                ->setmodulename('default');             return; (...)

and in system last important part logincontroller in case of succesful login should initate identity record:

(...) $auth = zend_auth::getinstance(); zend_session::regenerateid(); $storage = $auth->getstorage(); $rowobject = $authadapter->getresultrowobject(null,'passwd'); $storage->write((array)$rowobject); (...)

Comments

Post a Comment

Popular posts from this blog

python - Scipy curvefit RuntimeError:Optimal parameters not found: Number of calls to function has reached maxfev = 1000 -

-
Image
i want make logharitmic fit. keep getting runtime error: optimal parameters not found: number of calls function has reached maxfev = 1000 i use following script. can tell me go wrong? use spyder still beginner. import math import matplotlib mpl scipy.optimize import curve_fit import numpy np #data f1=[735.0,696.0,690.0,683.0,680.0,678.0,679.0,675.0,671.0,669.0,668.0,664.0,664.0] t1=[1,90000.0,178200.0,421200.0,505800.0,592200.0,768600.0,1036800.0,1371600.0,1630800.0,1715400.0,2345400.0,2409012.0] f1n=np.array(f1) t1n=np.array(t1) plt.plot(t1,f1,'ro',label="original data") # curvefit def func(t,a,b): return a+b*np.log(t) t=np.linspace(0,3600*24*28,13) popt, pcov = curve_fit(func, t, f1n, maxfev=1000) plt.plot(t, func(t, *popt), label="fitted curve") plt.legend(loc='upper left') plt.show() your original data t1 , f1 . therefore curve_fit should given t1 second argument, not t . popt, pcov = curve_fit(func,
Read more

c# - How to add a new treeview at the selected node? -

-
i have treeview 4 levels; parent, child, grandchild, great-grandchild. selectednode @ grandchild level. what i'm trying create new "treeview" @ grandchild - no, dont wnat create new node "selectednode" (grandchild). should somelike this: parent child grandchild (new treeview) parent grandchild great-grandchild child great-grandchild child grandchild grandchild it similar parent table mother , father went off , had new childern different spouse other spouse of there existing children. private sub populaterootlevel() ' query find first round of parent populatenodes(dt, jcatreeview.nodes) end sub private sub populatenodes(byval dt datatable, byval nodes treenodecollection) each dr datarow in dt.rows dim tn new treenode() tn.text = dr("title").tostring()
Read more

java - netbeans "Please wait - classpath scanning in progress..." -

-
when try compile netbeans projects message/error : "please wait - classpath scanning in progress..." and nothing happens , have have wait enternity conmpile "hello world"... now first thing have moved new office building, laptop same. it's secure enviroment lot of "security", can't connect anywhere almost. have changed user dir in netbeans.conf save data in c:\program files\user any ideas how fix this? alrady tried reinstalling netbeans, changing save location between standart , newone... just ideas find problem look @ cpu - netbeans busy (100% on 1 core) or blocking (95% idle)? standard, ant or maven build? libraries , use absolute or relative paths? start simple "hello world" project (no dependencies), add 1 lib (log4j or similiar), located in project folder , - if works - move lib other locations (choose locations similiar libs on real classpath) there chance, don't have access rights folders/shares conta
Read more