2010-11-30 21:02
浏览 29


I have a CMS built on the Zend Framework. It uses Zend_Auth for "CMS User" authentication. CMS users have roles and permissions that are enforced with Zend_Acl. I am now trying to create "Site Users" for things like an online store. For simplicity sake I would like to use a separate instance of Zend_Auth for site users. Zend_Auth is written as a singleton, so I'm not sure how to accomplish this.

Reasons I don't want to accomplish this by roles:

  1. Pollution of the CMS Users with Site Users (visitors)
  2. A Site User could accidentally get elevated permissions
  3. The users are more accurately defined as different types than different roles
  4. The two user types are stored in separate databases/tables
  5. One user of each type could be signed in simultaneously
  6. Different types of information are needed for the two user types
  7. Refactoring that would need to take place on existing code

图片转代码服务由CSDN问答提供 功能建议

我有一个基于Zend Framework构建的CMS。 它使用 Zend_Auth 进行“CMS用户”身份验证。 CMS用户具有使用 Zend_Acl 强制执行的角色和权限。 我现在正在尝试为在线商店之类的东西创建“网站用户”。 为简单起见,我想为站点用户使用 Zend_Auth 的单独实例。 Zend_Auth 被写为单身,所以我不知道如何实现这一目标。


  1. 使用网站用户(访客)污染CMS用户
  2. 网站用户可能会意外获得提升权限
  3. 用户被更准确地定义为不同类型而不是不同角色
  4. 两种用户类型存储在单独的数据库/表中
  5. 每种类型的一个用户可以签名 同时
  6. 两种用户类型需要不同类型的信息
  7. 需要在现有代码上进行的重构
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

4条回答 默认 最新

  • douxuqiao6394
    douxuqiao6394 2010-11-30 21:58

    In that case, you want to create your own 'Auth' class to extend and remove the 'singleton' design pattern that exists in Zend_Auth

    This is by no means complete, but you can create an instance and pass it a 'namespace'. The rest of Zend_Auth's public methods should be fine for you.

    class My_Auth extends Zend_Auth
        public function __construct($namespace) {
            $this->setStorage(new Zend_Auth_Storage_Session($namespace));
            // do other stuff
        static function getInstance() {
            throw new Zend_Auth_Exception('I do not support getInstance');

    Then where you want to use it, $auth = new My_Auth('CMSUser'); or $auth = new My_Auth('SiteUser');

    点赞 评论
  • douyoufan7881
    douyoufan7881 2010-11-30 22:15

    that is my suggestion :

    i think you are in case that you should calculate ACL , recourses , roles dynamically ,

    example {md5(siteuser or cmsuser + module + controller)= random number for each roles }

    and a simple plugin would this role is allowed to this recourse

    or you can build like unix permission style but i guess this idea need alot of testing one day i will build one like it in ZF :)

    i hope my idea helps you

    点赞 评论
  • douru5373
    douru5373 2010-11-30 22:30

    You're mixing problems. (not that I didn't when I first faced id)

    Zend_Auth answers the question "is that user who he claims to be"? What you can do is to add some more info to your persistence object. Easiest option is to add one more column into your DB and add it to result.

    点赞 评论
  • dth20986
    dth20986 2012-11-08 10:07
    class App_Auth
        const DEFAULT_NS = 'default';
        protected static $instance = array();
        protected function __clone(){}
        protected function __construct() {}
        static function getInstance($namespace = self::DEFAULT_NS) {
            if(!isset(self::$instance[$namespace]) || is_null(self::$instance[$namespace])) {
                self::$instance[$namespace] = Zend_Auth::getInstance();
                self::$instance[$namespace]->setStorage(new Zend_Auth_Storage_Session($namespace));
            return self::$instance[$namespace];

    Try this one , just will need to use App_Auth instead of Zend_Auth everywhere, or App_auth on admin's area, Zend_Auth on front

    点赞 评论