Zeta Components - high quality PHP components

Zeta Components Manual :: Docs For Class ezcAuthenticationGroupFilter

Authentication::ezcAuthenticationGroupFilter

Class ezcAuthenticationGroupFilter

Group authentication filters together.

If there are no filters in the group, then the run() method will return STATUS_OK.

The way of grouping the filters is specified with the mode option:

  • ezcAuthenticationGroupFilter::MODE_OR (default): at least one filter in the group needs to succeed in order for the group to succeed.
  • ezcAuthenticationGroupFilter::MODE_AND: all filters in the group need to succeed in order for the group to succeed.
Example of using the mode option:
  1.  $options = new ezcAuthenticationGroupOptions();
  2.  $options->mode = ezcAuthenticationGroupFilter::MODE_AND;
  3.  
  4.  // $filter1 and $filter2 are authentication filters which all need to succeed
  5.  // in order for the group to succeed
  6.  $filter = new ezcAuthenticationGroupFilter( array( $filter1, $filter2 ), $options );

Example of using the group filter with LDAP and Database filters:

  1.  $credentials = new ezcAuthenticationPasswordCredentials( 'jan.modaal', 'qwerty' );
  2.  
  3.  // create a database filter
  4.  $database = new ezcAuthenticationDatabaseInfo( ezcDbInstance::get(), 'users', array( 'user', 'password' ) );
  5.  $databaseFilter = new ezcAuthenticationDatabaseFilter( $database );
  6.  
  7.  // create an LDAP filter
  8.  $ldap = new ezcAuthenticationLdapInfo( 'localhost', 'uid=%id%', 'dc=example,dc=com', 389 );
  9.  $ldapFilter = new ezcAuthenticationLdapFilter( $ldap );
  10.  $authentication = new ezcAuthentication( $credentials );
  11.  
  12.  // use the database and LDAP filters in paralel (at least one needs to succeed in
  13.  // order for the user to be authenticated)
  14.  $authentication->addFilter( new ezcAuthenticationGroupFilter( array( $databaseFilter, $ldapFilter ) ) );
  15.  // add more filters if needed
  16.  if ( !$authentication->run() )
  17.  {
  18.      // authentication did not succeed, so inform the user
  19.      $status = $authentication->getStatus();
  20.      $err = array(
  21.              array( 'ezcAuthenticationLdapFilter' => array(
  22.                  ezcAuthenticationLdapFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username',
  23.                  ezcAuthenticationLdapFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'
  24.                  ) ),
  25.              array( 'ezcAuthenticationDatabaseFilter' => array(
  26.                  ezcAuthenticationDatabaseFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username',
  27.                  ezcAuthenticationDatabaseFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'
  28.                  ) )
  29.              );
  30.      foreach ( $status as $line => $error )
  31.      {
  32.          list( $key, $value ) = each( $error );
  33.          echo $err[$line][$key][$value] . "\n";
  34.      }
  35.  }
  36.  else
  37.  {
  38.      // authentication succeeded, so allow the user to see his content
  39.  }

It is possible to use multiple credentials when grouping filters together, by enabling the option multipleCredentials for the Group filter object. When this option is enabled, each filter added to the group must have a credentials object passed along with it.

Example of using the Group filter to handle multiple credentials:

  1.  $credentials1 = new ezcAuthenticationPasswordCredentials( 'jan.modaal', 'b1b3773a05c0ed0176787a4f1574ff0075f7521e' ); // incorrect password
  2.  $credentials2 = new ezcAuthenticationPasswordCredentials( 'john.doe', 'wpeE20wyWHnLE' ); // correct username + password
  3.  
  4.  $options = new ezcAuthenticationGroupOptions();
  5.  $options->multipleCredentials = true;
  6.  $options->mode = ezcAuthenticationGroupFilter::MODE_AND;
  7.  $group = new ezcAuthenticationGroupFilter( array(), $options );
  8.  
  9.  $group->addFilter( new ezcAuthenticationHtpasswdFilter( '../../tests/filters/htpasswd/data/htpasswd' ), $credentials1 );
  10.  $group->addFilter( new ezcAuthenticationHtpasswdFilter( '../../tests/filters/htpasswd/data/htpasswd' ), $credentials2 );
  11.  
  12.  $authentication = new ezcAuthentication( $credentials1 );
  13.  $authentication->addFilter( $group );
  14.  // add more filters if needed
  15.  
  16.  if ( !$authentication->run() )
  17.  {
  18.      // authentication did not succeed, so inform the user
  19.      $status = $authentication->getStatus();
  20.  
  21.      $err = array(
  22.                  array( 'ezcAuthenticationHtpasswdFilter' => array(
  23.                          ezcAuthenticationHtpasswdFilter::STATUS_OK => '',
  24.                          ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username ' . $credentials1->id,
  25.                          ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password for ' . $credentials1->id
  26.                          ) ),
  27.  
  28.                  array( 'ezcAuthenticationHtpasswdFilter' => array(
  29.                          ezcAuthenticationHtpasswdFilter::STATUS_OK => '',
  30.                          ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username ' . $credentials2->id,
  31.                          ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password for ' . $credentials2->id
  32.                          ) )
  33.                  );
  34.  
  35.      foreach ( $status as $line => $error )
  36.      {
  37.          list( $key, $value ) = each( $error );
  38.          echo $err[$line][$key][$value] . "\n";
  39.      }
  40.  }
  41.  else
  42.  {
  43.      // authentication succeeded, so allow the user to see his content
  44.  }

Source for this file: /Authentication/src/filters/group/group_filter.php

ezcAuthenticationFilter
   |
   --ezcAuthenticationGroupFilter
Version:   //autogen//

Constants

MODE_AND = 2 All the filters need to succeed in order for the group to succeed.
MODE_OR = 1 At least one filter needs to succeed in order for the group to succeed.
STATUS_GROUP_FAILED = 1 All or some of the filters in the group failed (depeding on the mode option).

Inherited Constants

From ezcAuthenticationFilter:
ezcAuthenticationFilter::STATUS_OK    Successful authentication.

Properties

ezcAuthenticationStatus read/write $status
The status object which holds the status of the run filters.

Member Variables

protected array(ezcAuthenticationFilter) $filters = array()
Authentication filters.

Inherited Member Variables

From ezcAuthenticationFilter
protected ezcAuthenticationFilter::$options

Method Summary

public ezcAuthenticationGroupFilter __construct( $filters , [ $options = null] )
Creates a new object of this class.
public void addFilter( $filter , [ $credentials = null] )
Adds an authentication filter at the end of the filter list.
public int run( $credentials )
Runs the filter and returns a status code when finished.

Inherited Methods

From ezcAuthenticationFilter
public ezcAuthenticationFilterOptions ezcAuthenticationFilter::getOptions()
Returns the options of this class.
public abstract int ezcAuthenticationFilter::run()
Runs the filter and returns a status code when finished.
public void ezcAuthenticationFilter::setOptions()
Sets the options of this class to $options.

Methods

__construct

ezcAuthenticationGroupFilter __construct( $filters , [ezcAuthenticationGroupOptions $options = null] )

Creates a new object of this class.

The filters can be specified as an array of filter objects, or as an array of array(fiter,credentials) when the multipleCredentials option is enabled.

Example of using multipleCredentials:

  1.  $credentials1 = new ezcAuthenticationPasswordCredentials( 'john.doe', '1234' );
  2.  $credentials1 = new ezcAuthenticationPasswordCredentials( 'jan.modaal', 'qwerty' );
  3.  
  4.  $filter1 = new ezcAuthenticationHtpasswdFilter( '/etc/htpasswd1' );
  5.  $filter2 = new ezcAuthenticationHtpasswdFilter( '/etc/htpasswd2' );
  6.  
  7.  // enable multiple credentials
  8.  $options = new ezcAuthenticationGroupOptions();
  9.  $options->multipleCredentials = true;
  10.  
  11.  // add the filters to the group with the constructor
  12.  $group = new ezcAuthenticationGroupFilter( array(
  13.               array( $filter1, $credentials1 ),
  14.               array( $filter2, $credentials2 ) ), $options );
  15.  
  16.  // the filters can also be added to the group with addFilter()
Parameters:
Name Type Description
$filters array(ezcAuthenticationFilter|mixed) Authentication filters
$options ezcAuthenticationGroupOptions Options for this class
Exceptions:
Type Description
ezcAuthenticationException if the multipleCredentials option is enabled and a credentials object was not specified

addFilter

void addFilter( ezcAuthenticationFilter $filter , [ezcAuthenticationCredentials $credentials = null] )

Adds an authentication filter at the end of the filter list.

Example of using multipleCredentials:

  1.  $credentials1 = new ezcAuthenticationPasswordCredentials( 'john.doe', '1234' );
  2.  $credentials1 = new ezcAuthenticationPasswordCredentials( 'jan.modaal', 'qwerty' );
  3.  
  4.  $filter1 = new ezcAuthenticationHtpasswdFilter( '/etc/htpasswd1' );
  5.  $filter2 = new ezcAuthenticationHtpasswdFilter( '/etc/htpasswd2' );
  6.  
  7.  // enable multiple credentials
  8.  $options = new ezcAuthenticationGroupOptions();
  9.  $options->multipleCredentials = true;
  10.  
  11.  // add the filters to the group with addFilter()
  12.  $group = new ezcAuthenticationGroupFilter( array(), $options );
  13.  $group->addFilter( $filter1, $credentials1 );
  14.  $group->addFilter( $filter2, $credentials2 );
  15.  
  16.  // the filters can also be added to the group with the constructor
Parameters:
Name Type Description
$filter ezcAuthenticationFilter The authentication filter to add
$credentials ezcAuthenticationCredentials Credentials object associated with $filter if the multipleCredentials option is enabled
Exceptions:
Type Description
ezcAuthenticationGroupException if the multipleCredentials option is enabled and a credentials object was not specified

run

int run( ezcAuthenticationCredentials $credentials )

Runs the filter and returns a status code when finished.

Parameters:
Name Type Description
$credentials ezcAuthenticationCredentials Authentication credentials
Redefinition of:
Method Description
ezcAuthenticationFilter::run() Runs the filter and returns a status code when finished.
Documentation generated by phpDocumentor 1.4.3