Best way to handle authentication with MY_Controller ?

[eluser]benoa[/eluser]
I'm currently building a project that requires two layers of authentication : admin and clients.

So I went through many Open Source CI apps in order to see how authentication was managed. Looking at Bamboo Invoice's MY_Controller, I found a smart way to protect a list of controllers :

Code:

<?php if (!defined('BASEPATH')) exit('No direct script access allowed');

class MY_Controller extends Controller
{

    function My_Controller()
    {
        parent::Controller();

        // a list of unlocked (ie: not password protected) controllers.  We assume
        // controllers are locked if they aren't explicitly on this list
        $unlocked = array('changelog', 'credits', 'donate', 'front', 'help', 'login');

        if ( ! $this->site_sentry->is_logged_in() AND ! in_array(strtolower(get_class($this)), $unlocked))
        {
            redirect('login/');
        }

    }

}

We could store the $unlocked array in a config file, or in a database so that the administrator can decide which parts of the sites are supposed to be restricted access (from the backend). I can see an implementation of roles here too.

I found this was useful, but I would like to know if you ci-mates have another way of managing access to your controllers ?