Docs For Class AmfphpAuthentication

Class AmfphpAuthentication

Description

Authentication for Amfphp.

On a service object, the plugin looks for a method called getMethodRoles. If the method exists, the plugin will look for a role in the session that matches the role. If the roles don't match, an Exception is thrown. The getMethodRoles takes a parameter $methodName, and must return an array of strings containing acceptable roles for the method. If the return value is null, it is considered that that particular method is not protected.

For example:

public function getMethodRoles($methodName){
if($methodName == "adminMethod"){
return array("admin");
}else{
return null;
}
}

To authenticate a user, the plugin looks for a "login" method. This method can either be called explicitly, or by setting a header with the name "Credentials", containing {userid: userid, password: password}, as defined by the AS2 NetConnection.setCredentials method. It is considered good practise to have a "logout" method, though this is optional The login method returns a role in a "string". It takes 2 parameters, the user id and the password. The logout method should call AmfphpAuthentication::clearSessionInfo();

See the AuthenticationService class in the test data for an example of an implementation.

author: Ariel Sommeria-klein

Located in /Amfphp/Plugins/AmfphpAuthentication/AmfphpAuthentication.php (line 42)

Class Constant Summary

METHOD_GET_METHOD_ROLES = "getMethodRoles"

METHOD_LOGIN = "login"

SESSION_FIELD_ROLES = "amfphp_roles"

Variable Summary

String $headerUserId

Method Summary

static void addRole ( $roleToAdd, String $role)

static void clearSessionInfo ()

AmfphpAuthentication __construct ([ $config = null])

AmfphpAuthentication filterAmfRequestHeaderHandler (Object $handler, $header)

filterServiceObject (