Home/ Questions/Q 4062502
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T15:36:23+00:00

There is a situation: I store some structured data (e.g. array or object, or

  • 0

There is a situation: I store some structured data (e.g. array or object, or even string) as a Zend_Auth identity. From version to version the structure of identity could be changed thus identity from one version could (or could not) be compatible with application code of another version.

I’d like to have an ability to validate whether the stored identity data conform to current version requirements.

As I see from the manual, the verification of whether the identity exists is performed like:

$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
    // Identity exists; get it
    $identity = $auth->getIdentity();
}

But there is no ability to hook into hasIdentity() method or somewhere else to perform the validation.

The only way I see to do that is to implement my own Zend_Auth_Storage_Interface class that will use some other storage as implementation and perform the validation of stored data.

Is there any more proper solution?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’m not totally sure to understand but it looks like you misunderstanding the difference between Authorization and Authentication.

    Zend_Auth is about Authentication, therefore you should not use Zend_Auth to process Authorization but Zend_Acl.

    However, if what you want is to store an additional information from the Authentication process (ie Database Authentication) you can use the getResultRowObject($returnColumns, $ommitColumns); method.

    There are several implementation to get the “Row Object” depending on your current Adapter.

    Zend_Auth_Storage_Interface is about storing the result, I don’t think you’ll need to do such implementation since it’s about storing the identity object in session or in a database for example.

    What you may want is to use Zend_Acl and construct an Access Control List which defines generically a Role (can be an user), a Resource (your version-ed application), a Privilege (can use or not)

    Note: *Most people have difficulties to use Zend_Acl because they think in Module/Controller/Action, but it is just one way to define resource.
    A resource can be whatever you want, a entire application, a controller action, a view, another user, a database connection, etc.*

    • 0