douzhan3900 2012-06-11 22:45
浏览 45
已采纳

如何存储和更改Zend_Auth会话ID?

I've recently started using Zend Framework and I'm still pretty used to session_start, and assigning variables to certain session names (ie: $_SESSION['username'] == $username)

I'm trying to figure out how to do something similar to this in Zend. Right now, my auth script checks the credentials using LDAP against my AD server and, if successful, authenticates the user.

I want to create a script that will allow an admin user to easily "enter" someone else's session. Let's say admin1 had an active session and wanted to switch into user1's session. Normally I would just change the $_SESSION['username'] variable and effectively change the identity of the user logged in.

But with Zend, I'm not quite sure how to change the session info. For what it's worth, here's my authentication script:

class LoginController extends Zend_Controller_Action
{
    public function getForm()
    {
        return new LoginForm(array(
            'action' => '/login/process',
            'method' => 'post',
        ));
    }

    public function getAuthAdapter(array $params)
    {
        $username = $params['username'];
        $password = $params['password'];
        $auth = Zend_Auth::getInstance();

        require_once 'Zend/Config/Ini.php';
        $config = new Zend_Config_Ini('../application/configs/application.ini', 'production');
        $log_path = $config->ldap->log_path;
        $options = $config->ldap->toArray();
        unset($options['log_path']);

        require_once 'Zend/Auth/Adapter/Ldap.php';
        $adapter = new Zend_Auth_Adapter_Ldap($options, $username, $password);

        $result = $auth->authenticate($adapter);

        if ($log_path) {
            $messages = $result->getMessages();

            require_once 'Zend/Log.php';
            require_once 'Zend/Log/Writer/Stream.php';
            require_once 'Zend/Log/Filter/Priority.php';
            $logger = new Zend_Log();
            $logger->addWriter(new Zend_Log_Writer_Stream($log_path));
            $filter = new Zend_Log_Filter_Priority(Zend_Log::DEBUG);
            $logger->addFilter($filter);

            foreach ($messages as $i => $message) {
                if ($i-- > 1) { // $messages[2] and up are log messages
                    $message = str_replace("
", "
  ", $message);
                    $logger->log("Ldap: $i: $message", Zend_Log::DEBUG);
                }
            }
        }
        return $adapter;
    }
    public function preDispatch()
    {
        if (Zend_Auth::getInstance()->hasIdentity()) {
            // If the user is logged in, we don't want to show the login form;
            // however, the logout action should still be available
            if ('logout' != $this->getRequest()->getActionName()) {
                $this->_helper->redirector('index', 'index');
            }
        } else {
            // If they aren't, they can't logout, so that action should
            // redirect to the login form
            if ('logout' == $this->getRequest()->getActionName()) {
                $this->_helper->redirector('index');
            }
        }
    }
    public function indexAction()
    {
        $this->view->form = $this->getForm();
    }
    public function processAction()
    {
        $request = $this->getRequest();

        // Check if we have a POST request
        if (!$request->isPost()) {
            return $this->_helper->redirector('index');
        }

        // Get our form and validate it
        $form = $this->getForm();
        if (!$form->isValid($request->getPost())) {
            // Invalid entries
            $this->view->form = $form;
            return $this->render('index'); // re-render the login form
        }

        // Get our authentication adapter and check credentials
        $adapter = $this->getAuthAdapter($form->getValues());
        $auth    = Zend_Auth::getInstance();
        $result  = $auth->authenticate($adapter);
        if (!$result->isValid()) {
            // Invalid credentials
            $form->setDescription('Invalid credentials provided');
            $this->view->form = $form;
            return $this->render('index'); // re-render the login form
        }

        // We're authenticated! Redirect to the home page

        $this->_helper->redirector('index', 'index');

    }
    public function logoutAction()
    {
        Zend_Auth::getInstance()->clearIdentity();
        $this->_helper->redirector('index'); // back to login page
    }
}

Is there any way to do what I have described? Thanks for any suggestions.

  • 写回答

1条回答 默认 最新

  • dongpu5874 2012-06-11 23:43
    关注

    Given your code, the result of authenticating is stored in the PHP session through a Zend_Auth_Storage_Session object.

    Calling Zend_Auth::getIdentity() gets access to the storage and returns the result if it is not empty. Likewise, you can change the stored identity by getting access to the underlying storage and changing its value. The actual identity stored as a result of authenticating with Zend_Auth_Adapter_Ldap is just a string value representing the LDAP username.

    To effectively change the logged in user, you can do:

    Zend_Auth::getInstance()->getStorage()->write('newUserName');

    This assumes the default behavior which should be in place given your code.

    What I do in my applications after successful authentication is to create a new object of some User model, and write that to the Zend_Auth session so that I have more information about the user available in each session, so you should be aware that different things can be in the storage depending on the application.

    This is what I do for example:

    $auth       = new Zend_Auth(...);
$authResult = $auth->authenticate();

if ($authResult->isValid() == true) {
    $userobj = new Application_Model_UserSession();
    // populate $userobj with much information about the user
    $auth->getStorage()->write($userobj);
}

    Now anywhere in my application I call Zend_Auth::getInstance()->getIdentity() I get back the Application_Model_UserSession object rather than a string; but I digress.

    The information that should help you is:

    $user = Zend_Auth::getInstance()->getIdentity(); // reads from auth->getStorage()

Zend_Auth::getInstance()->getStorage()->write($newUser);
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

  • 如何存储更改Zend_Auth会话ID php
    2012-06-11 22:45
    回答 1 已采纳 Given your code, the result of authenticating is stored in the PHP session through a Zend_Auth_Sto
  • 两个表的Zend_Auth_Adapter_DbTable? php
    2011-03-05 02:59
    回答 1 已采纳 I would recommend creating a table view from Users and Passwords tables. Than you would specify th
  • Zend_Db_Table_Row实例形式Zend_Auth php
    2012-03-10 13:12
    回答 2 已采纳 The trick is putting the row into a Zend_Auth_Storage container. By overriding Zend_Auth_Adapter_I
  • PHP和MySQL Web开发第4版pdf以及源码
    2015-10-13 09:10
    php和mysql web开发(原书第4版)》:开发人员专业技术丛书。 目录 读者反馈 译者序 前言 作者简介 第一篇 使用PHP 第1章 PHP快速入门教程 1.1 开始之前:了解PHP 1.2 创建一个示例应用:Bob汽车零部件商店 ...
  • Zend_Auth链接适配器和所有权角色acl php
    2011-09-08 09:59
    回答 1 已采纳 you can create your own adapter/storage classes, with implementing Zend_Auth_Adpater_Interface an
  • 使用Zend_Auth_Adapter_Ldap进行身份验证时如何访问用户数据 php
    2011-04-21 11:56
    回答 1 已采纳 It depends on the used Zend Framework Version. With Version 1.11.2 you can get the UserAccount Obj
  • 如何将数据附加到Zend_Auth对象 php
    2013-04-19 07:14
    回答 2 已采纳 Authentication state is stored in the registered Auth Storage. By default this is Zend_Session. Yo
  • Zend framework——会话
    2018-08-17 18:10
    墨竹摇曳的博客 39.1. 简介 Zend Framework Auth 团队也非常期望大家在邮件列表中进行反馈和贡献: fw-auth@lists.zend.com ... Zend_Session 用来在由相同客户端发起的多个页面请求之间,管理和保护会话数据...
  • Zend_Auth快速并随处访问UserID php
    2011-12-03 15:54
    回答 2 已采纳 you can make property in your controller which could be set in controller constructor: $this->
  • Zend_Auth的多个实例(2) php
    2010-11-30 21:02
    回答 4 已采纳 In that case, you want to create your own 'Auth' class to extend and remove the 'singleton' design
  • 如何从laravel 5.3上的user_id获取用户名? laravel php
    2017-05-07 18:13
    回答 2 已采纳 replace public function user() { return $this->belongsTo('App\User'); } with public funct
  • PHP和MySQL Web开发第4版
    2014-08-13 15:32
    php和mysql web开发(原书第4版)》:开发人员专业技术丛书。 目录 读者反馈 译者序 前言 作者简介 第一篇 使用PHP 第1章 PHP快速入门教程 1.1 开始之前:了解PHP 1.2 创建一个示例应用:Bob汽车零部件商店 ...
  • Zend_Test,身份和cookies php
    2012-09-29 20:31
    回答 1 已采纳 Doing that is in conflict with unit testing idea. Tests are in isolation. You don't pass any state
  • php身份证验证_PHP的身份验证和访问控制
    2020-07-04 03:56
    cuxiong8996的博客 IBM安全身份和访问管理 在IBM白皮书“ 何时需要访问 ”中了解有关在Internet规模上管理访问控制的更多信息。 在本文的第一部分中,我向您介绍了Sentry 2,逐步介绍了它的安装和配置,并提供了一些使用它为PHP...
  • PHP和MySQL WEB开发(第4版)
    2013-05-31 13:23
    2.2 存储和检索Bob的订单 2.3 文件处理 2.4 打开文件 2.4.1 选择文件模式 2.4.2 使用fopen()打开文件 2.4.3 通过FTP或HTTP打开文件 2.4.4 解决打开文件时可能遇到的问题 2.5 写文件 2.5.1 fwrite()的参数 2.5.2 文件...
  • ZendFramework中文文档
    2011-03-22 10:11
    1. Introduction to Zend Framework 1.1. 概述 1.2. 安装 2. Zend_Acl 2.1. 简介 2.1.1. 关于资源(Resource) 2.1.2. 关于角色(Role) 2.1.3. 创建访问控制列表(ACL) 2.1.4. 注册角色(Role) 2.1.5. 定义访问...
  • python依赖注入_什么是依赖注入?
    2020-12-09 18:15
    weixin_39554891的博客 这篇文章是关于一般依赖关系注入和在PHP中实现依赖注入容器系列的第一部分。今天我不会谈论容器然而我想以一些具体的示例介绍依赖注入的概念希望说明尝试去解决问题和它给开发者带来的好处。如果你已经知道依赖注入...
  • 没有解决我的问题, 去提问

悬赏问题

  • ¥15 kafka 分区副本增加会导致消息丢失或者不可用吗?
  • ¥15 微信公众号自制会员卡没有收款渠道啊
  • ¥15 stable diffusion
  • ¥100 Jenkins自动化部署—悬赏100元
  • ¥15 关于#python#的问题:求帮写python代码
  • ¥20 MATLAB画图图形出现上下震荡的线条
  • ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘
  • ¥15 perl MISA分析p3_in脚本出错
  • ¥15 k8s部署jupyterlab,jupyterlab保存不了文件
  • ¥15 ubuntu虚拟机打包apk错误