Comments on: PHP Authentication and Access Control Libraries http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/ News, opinion, and fresh thinking for web developers and designers. The official podcast of sitepoint.com. Sat, 07 Nov 2009 23:35:20 -0500 http://wordpress.org/?v=2.8.4 hourly 1 By: DarkPilgrim http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-646236 DarkPilgrim Mon, 03 Mar 2008 02:46:30 +0000 835623113#comment-646236 I think I'd like to use phpGACL. agentolivia's link "was" great(but out of date). I think I’d like to use phpGACL. agentolivia’s link “was” great(but out of date).

]]> By: Russell http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-37628 Russell Fri, 14 Jul 2006 17:00:35 +0000 835623113#comment-37628 agentolivia - thanks for the link - I have come back here on a number of occasions researching authentication and have never settled on a solution that was right for me. I followed your link and it so far it seems to be exactly what I was looking for. Cheers! agentolivia – thanks for the link – I have come back here on a number of occasions researching authentication and have never settled on a solution that was right for me. I followed your link and it so far it seems to be exactly what I was looking for. Cheers!

]]> By: sevengraff http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-472 sevengraff Tue, 30 Nov 1999 00:00:00 +0000 835623113#comment-472 <p>I am suprised you didn't metion phpGACL (http://phpgacl.sourceforge.net/). It's an impressive library that that allows for some of the things you listed.</p> I am suprised you didn’t metion phpGACL (http://phpgacl.sourceforge.net/). It’s an impressive library that that allows for some of the things you listed.

]]> By: HarryF http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-473 HarryF Tue, 30 Nov 1999 00:00:00 +0000 835623113#comment-473 <p>Thanks for the tip off.</p> <p>Like I say the last time I really went looking was ages ago. PHPGACL has blipped on the radar once or twice but never looked at it. Guess now's the time... ;)</p> Thanks for the tip off.

Like I say the last time I really went looking was ages ago. PHPGACL has blipped on the radar once or twice but never looked at it. Guess now’s the time… ;)

]]> By: Dangermouse http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-474 Dangermouse Tue, 30 Nov 1999 00:00:00 +0000 835623113#comment-474 <p>No non-pear packages?</p> No non-pear packages?

]]> By: HarryF http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-475 HarryF Tue, 30 Nov 1999 00:00:00 +0000 835623113#comment-475 <p><blockquote><p><br /> No non-pear packages?<br /> </p></blockquote></p> <p>Anything you like to recommend, feel free. I just named those two as I have a rough idea of them.</p>

No non-pear packages?

Anything you like to recommend, feel free. I just named those two as I have a rough idea of them.

]]> By: schst http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-476 schst Tue, 30 Nov 1999 00:00:00 +0000 835623113#comment-476 <p>patUser: http://www.php-tools.net/patUser</p> <p>Stephan</p> patUser: http://www.php-tools.net/patUser

Stephan

]]> By: Martin Jansen http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-477 Martin Jansen Tue, 30 Nov 1999 00:00:00 +0000 835623113#comment-477 <p>The Horde folks have a fine authentication system in their framework as well (http://cvs.horde.org/browse.php/framework/Auth/).</p> <p>P.S. The "official" URL for referring to PEAR packages is http://pear.php.net/package/Foo, not http://pear.php.net/Foo. (Both work fine though.)</p> The Horde folks have a fine authentication system in their framework as well (http://cvs.horde.org/browse.php/framework/Auth/).

P.S. The “official” URL for referring to PEAR packages is http://pear.php.net/package/Foo, not http://pear.php.net/Foo. (Both work fine though.)

]]> By: Widow Maker http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-478 Widow Maker Tue, 30 Nov 1999 00:00:00 +0000 835623113#comment-478 <p>Martin, thanks for the link to the Horde framework :)</p> <p>Have you (personally) used this before, as looking over the various classes briefly, it looks like it can do some real damage to the time it takes to develop applications, lol</p> Martin, thanks for the link to the Horde framework :)

Have you (personally) used this before, as looking over the various classes briefly, it looks like it can do some real damage to the time it takes to develop applications, lol

]]> By: Markus Wolff http://www.sitepoint.com/blogs/2004/06/11/php-authentication-and-access-control-libraries/comment-page-1/#comment-479 Markus Wolff Tue, 30 Nov 1999 00:00:00 +0000 835623113#comment-479 <p>Actually, most of what you described above actually describes what LiveUser does quite well ;-)</p> <p>- It has pluggable Authentication modules (not many yet, but there also is a wrapper around PEAR::Auth available so you can leverage all its containers as well).</p> <p>- It has pluggable Authorization containers, meaning you could implement any kind of permission management that fits your need and use it with LiveUser, as long as you stick to the LiveUser container API.</p> <p>- It already comes with several permission management containers that are interoperable, but reflect different levels of complexity. Once your website grows and needs more complex permission management, just switch the container to the next more complex container and it will work - without touching any of your code</p> <p>- You can either assign rights directly to users or to user groups. You can also revoke certain rights for individual users even though they would normally have then through group memberships</p> <p>The only thing you mentioned that is not yet there is role-based permission management, because for a long time the developers (including me) thought that this can easily be achieved using groups as well - but since the users didn't seem to see it like we do, "roles" will be implemented soon as well.</p> <p>If you're interested in the roadmap, there's now a wiki at:</p> <p>http://pear.limbourg.com/</p> <p>Regards,<br /> Markus<br /> </p> Actually, most of what you described above actually describes what LiveUser does quite well ;-)

- It has pluggable Authentication modules (not many yet, but there also is a wrapper around PEAR::Auth available so you can leverage all its containers as well).

- It has pluggable Authorization containers, meaning you could implement any kind of permission management that fits your need and use it with LiveUser, as long as you stick to the LiveUser container API.

- It already comes with several permission management containers that are interoperable, but reflect different levels of complexity. Once your website grows and needs more complex permission management, just switch the container to the next more complex container and it will work – without touching any of your code

- You can either assign rights directly to users or to user groups. You can also revoke certain rights for individual users even though they would normally have then through group memberships

The only thing you mentioned that is not yet there is role-based permission management, because for a long time the developers (including me) thought that this can easily be achieved using groups as well – but since the users didn’t seem to see it like we do, “roles” will be implemented soon as well.

If you’re interested in the roadmap, there’s now a wiki at:

http://pear.limbourg.com/

Regards,
Markus

]]>