[nycphp-talk] What UserLogin/Auth mechanism do you use ?
felix zaslavskiy
felix at students.poly.edu
Thu Dec 11 23:45:21 EST 2003
I was thinkig in terms of general security functions we have Authentication and Access Controls. The system has to store representations of users identities. Groups are also representations of users because they users who represent many users. The function of authentication is for users from outside the system to prove who they are. On the other Access Controls is a function that is separate from Authentication. System can store the rules for access controls as permissions. Would it not make sence to place those two functions in two separate modules or libraries instead of bunching it all in one place?
On Thu, 11 Dec 2003 23:05:56 -0500
"Mark Armendariz" <nyphp at enobrev.com> wrote:
> Yeah, I'm not 100% behind their implementation, but it touches on quite a
> bit, and actaully a fun read in comparison to a good dea lof code I run
> into. BY control I meant by adding permissions and group control to my
> current class, rather than just logged in / not and basic session
> management.
>
> -----Original Message-----
> From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
> Behalf Of felix zaslavskiy
> Sent: Thursday, December 11, 2003 10:44 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] What UserLogin/Auth mechanism do you use ?
>
>
> > I'm actaully also interested as I'm in the process of rebuilding my
> > login class to fit a larger scheme of control and some better security
> options.
> What do you mean by larger scheme of control ?
>
>
> > I'd originally learned a lot about php authentication through sites as
> > well as PAT's patUser class
> > (http://www.php-tools.de/site.php?file=patUser/overview.xml),
>
> I took a look at it and its very well writen. I like and dont like some
> things arount it because.
>
> > which is one
> > of the better one's I've personally read over.
> >
> > Mark
> >
> > -----Original Message-----
> > From: talk-bounces at lists.nyphp.org
> > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of felix zaslavskiy
> > Sent: Thursday, December 11, 2003 9:00 PM
> > To: talk at lists.nyphp.org
> > Subject: [nycphp-talk] What UserLogin/Auth mechanism do you use ?
> >
> > I was wondering what people find most convinient for to do this ? Do
> > you use just php sessions with few own helper functions,
> > PEAR::Auth,other library, or completely homegrown ?
> >
> > I personaly find php sessions a bit aukward to use because of the a
> > bit none-intuative api that it has.
> >
> > Felix
> > _______________________________________________
> > talk mailing list
> > talk at lists.nyphp.org
> > http://lists.nyphp.org/mailman/listinfo/talk
> >
> >
> >
> >
> > _______________________________________________
> > talk mailing list
> > talk at lists.nyphp.org
> > http://lists.nyphp.org/mailman/listinfo/talk
> >
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
>
>
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
>
More information about the talk
mailing list