Jump to content

Zend_Acl, Zend_Auth & Zend_Session

aniesh82

By aniesh82
in Frameworks

 Share

Recommended Posts

aniesh82 Member

aniesh82

Posted
Posted

Hi,

 

About the difference & usage of Zend Framework Acl, Auth & Session Components.

 

I am working on a Blog application by using Zend Framework. I found that, I can do the checking of user permission to different areas of the site by using ACL component. But the same thing can be do by using Session like in native php.

 

Which one is the used widely in Zend Development ?

 

Also, on login time , login details are stored by using Zend_Auth. How can I store other user details such as user id, email id etc? Where usually store these details, in Session or Zend_Auth or Zend_Acl ? Does it use Zend_Acl for storing the details or only for controlling the access permissions?

 

I am new to Zend Framework and doesn't get a clear idea about the difference between Zend_Acl,Zend_Auth & Zend_Session

 

Please help me.

 

Thanks in advance.

 

 

Link to comment
Share on other sites
gizmola Prolific Member

gizmola

Posted
Posted

They are two entirely different things.  ACL is designed to restrict access to areas by group permission level.  Session is a generic facility.  In Zend's case it's a fairly minimal wrapper around the basic PHP session capability.  Of course sessions are designed for you to persist information about a user across HTTP requests.  In other words, the ACL is specifically designed for you to secure your site, whereas session is a generic facility for storing session state - which typically includes a lot more data than what is needed for authentication and security.

Link to comment
Share on other sites
JustinM01 Member

JustinM01

Posted
Posted

Zend_ACL is for controlling access only. Use Zend_Auth to store details once the user has been authorized. Like so:

$session = new Zend_Session_Namespace('Zend_Auth');

/* Add a valid property to the session and set its value to true */
$session->valid = true;

 

I believe Zend_Auth creates a default namespace called 'Zend_Auth'. You will have to verify that in the docs though. As long as you create the namespace like I've shown and pass the namespace name to the constructor, you will be able to access anything your try and store. Zend Framework is designed so that you really shouldn't be using Zend_Session or PHP's builtin session management. Just take a look at the Zend Framework Programmer's Reference. It should be able to answer most of your questions.

 

EDIT: Zend_Session will need to be used for somethings, such as logging out.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.