Using Zend_Auth and Zend_ACL with CI

[eluser]zackwragg[/eluser]
Hi all,

I am relatively new to CodeIgniter (but have to admit that I am loving it).

In my current project I am having to develop a CMS with multiple users levels, and a slightly complex permission system. I have decided to user Zend_ACL for authorization and I thought I would use Zend_Auth for the authentication.

I have been reading through the Zend documentation and it says that for Zend_Auth I need to use Zend_Auth_Adapter_DbTable (and hence the Zend DB adapter). Has anyone out there used the these Zend components and is able to offer insight into how they implemented these?

Primarily, I am wondering if there is some way to use the CI database classes or if I should use the Zend DB libraries for the authentication. However, if anyone can give me any info on their implementation Zend_Auth/Zend_ACL, or any words of encouragement that would be great.

Any help with this would greatly much appreciated.

[eluser]usmc[/eluser]
Check this out
http://www.4webby.com/freakauth/tutorial...de-igniter

Something else you might look into
http://code.google.com/p/reduxauth/

[eluser]zackwragg[/eluser]
Thanks for the links, usmc.

I've already got the Zend libraries linked into my app, but am more interested in the specific implementations of the Zend_Auth and Zend_ACL libraries and the database issue I mentioned.

Have you used ReduxAuth yourself? I had decided to go with Zend as I was already pulling in the ACL stuff and figured I may as well lump the Auth stuff from there as well.

Thanks again.

[eluser]gon[/eluser]
You could write your own Zend_Auth_Adapter_DbTable, copying Zend's and replacing the Zend DB methods for Codeigniter code.

[eluser]zackwragg[/eluser]
Thanks, gon. I may give that a look and see if I can adapt the Zend_Auth_Adapter_DbTable to use the CI code.

I did have a look around for descriptions of an implementation like this but to no avail, so if I get it working I will post my solution here in the hopes that it will be useful to others.

[eluser]zackwragg[/eluser]
I'm having a little trouble trying to find out how to access the CI database stuff from the Zend library. I have tried using standard CI database calls but it's not working. Is there some special way I am supposed to access the CI database calls from within an external library?

Thanks

[eluser]gon[/eluser]
What is exactly your problem?

My approach would be getting a reference to CI object in the Zend object constructor, and accessing the database library from every method that needs database accesss.

[eluser]zackwragg[/eluser]
Thanks gon. I just downloaded some other libraries and looked at their code and saw how they got the reference to CI (I've never dabbled with libraries before and my experience with CI is pretty limited too so it took me a while to get to it).

[eluser]usmc[/eluser]
[quote author="zackwragg" date="1226798424"]Thanks for the links, usmc.

I've already got the Zend libraries linked into my app, but am more interested in the specific implementations of the Zend_Auth and Zend_ACL libraries and the database issue I mentioned.

Have you used ReduxAuth yourself? I had decided to go with Zend as I was already pulling in the ACL stuff and figured I may as well lump the Auth stuff from there as well.

Thanks again.[/quote]

Ah I see. I do not have sample code for ACL. Wish I did.
ReduxAuth is solid. I like Freakauth as well but it hasn't been updated in a while. It makes sense that you would take advantage of ACL. If I come across a decent example I will send it your way.

[eluser]thurting[/eluser]
Zend_Auth and Zend_Acl are not tied into each other at all. If you want to use Zend_Auth, you can either use an existing adapter or create your own. The easiest thing for you to do would be to create your own authentication methods and simply store authenticated user information into a Zend_Auth_Storage_Interface (I suggest Session). Then, because Zend_Auth is a singleton, from any point in your app you can get the singleton instance and check the storage to see if a user is authenticated. If authenticated, you can get the user's role and validate it against your ACL.