PHPDeveloper.org

PHP-Security.net: X.509 PKI login with PHP and Apache

Fri, 30 May 2008 17:05:59 -0500

Christopher Kunz has relaunched his php-security.net domain with a brand new blog and a new article posted today - "X.509 PKI login with PHP and Apache".

Since grid computing (that's what I'm currently doing) also is very much about Single-sign on and delegation of rights, username/password authentication schemes don't quite do it for us. Thus, a PKI (public key infrastructure) based on X.509 is employed.

He explains the acronym soup by defining the process as advanced means of "showing the web who you are". He explains some of the basics about the certificates and who good candidates for this type of authentication are. Then the tech starts - how to get Apache configured to use them and how to use them in PHP to authenticate the external user (requiring OpenSSL compiled in to access the needed functions).

PHPEveryDay.com: New Zend Framework Articles/Tutorials

Wed, 23 Apr 2008 12:06:54 -0500

The PHP Every Day site has just posted a whole new list of tutorials that might interest Zend Framework developers:

Check out their site (or grab their feed) for more PHP-related articles and tutorials.

Matthew Weir O'Phinney's Blog: Login and Authentication with Zend Framework

Mon, 31 Mar 2008 15:03:23 -0500

In a new entry on his blog today, Matthew looks to answer and help those once and for all wondering how to handle user authentication and persistence in their Zend Framework applications.

The typical issue is that they're unsure how to combine: an authentication adapter, a login form, a controller for login/logout actions and checking for an authenticated user in subsequent requests. It's not terribly difficult, but it does require knowing how the various pieces of the MVC fit together, and how to use Zend_Auth. Let's take a look.

He gives the complete code for a loin controller to cover most of that functionality and an example showing how to check for and keep track of which users have been authenticated.

SaniSoft Blog: Bugs & enhancements for Auth component in CakePHP v1.2 - Part 1

Fri, 03 Aug 2007 10:27:00 -0500

On the SaniSoft blog, there's a post pointing out a bugfix and a new enhancement to the Auth component for the CakePHP framework in version 1.2 (part 1):

The auth component is supposed to handle the user login in your app but I was just not able to get that done and there have been similar complaints in the CakePHP mailing list. Since I wanted it *NOW* I had no option but to once again dig into the source - but - hey it is not so bad, they give you the code so that you can change it! right?

His patch involves changing code in two places in the AuthComponent::startup() method to handle the login correctly.