[Chameleon-dev] [Bug 972] New: [Chameleon - Core] add capability to authenticate users

bugzilla-daemon at maptools.org bugzilla-daemon at maptools.org
Mon Feb 21 19:56:52 EST 2005 

http://www.maptools.org/bugzilla/show_bug.cgi?id=972

           Summary: [Chameleon - Core] add capability to authenticate users
           Product: Chameleon
           Version: 2.2
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P1
         Component: Core
        AssignedTo: chameleon-dev at lists.maptools.org
        ReportedBy: pspencer at dmsolutions.ca


The desired addition is to add at least a basic level of authentication
capability to Chameleon.  The specific requirement is to support sqlite
databases for authentication, but the architecture needs to support multiple
methods of authentication.

Chameleon core class will be modified to include a new member variable,
moAuthenticator.  This variable is null by default and this indicates no
authentication is performed.  To have Chameleon perform default (built in)
authentication, this member variable is assigned an object which implements two
methods:

isAuthenticated(): returns true or false if the current connection is authenticated

authenticate($user,$password): authenticates a user

A basic authentication class is provided in Authenticator.php.  This takes a
pointer to an abstract database class constructed from one of the adb-supported
databases ... currently only sqlite.  Notes on adb further on ...

The Authenticator is somewhat flexible and can be connected to any backend adb
database with configurable table and fields.  It runs an SQL query against the
database for the current user and md5() of the password looking for a match.

To implement custom authentication, you can override the CWCAuthenticate()
method in your Chameleon application class.  This method is responsible for
providing authentication and can be set up to do anything you wish.  The default
implementation looks for an Authenticator object and uses it if found.

CWCAuthenticate is called as the first step of CWCExecute.

A new module, adb, will be added to php_utils to provide a light-weight database
wrapper with minimal functionality.  It is similar to ADODB, lighter weight but
far less capable.  It would be possible to hook up an ADODB authenticator.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.


Please do NOT reply to this email, use the link above instead to 
login to bugzilla and submit your comment. Any email reply to this
address will be lost.

More information about the Chameleon-dev mailing list