[Xerte-dev] Re: Outstanding Issues (Configurable authentication - incomplete patch attached)

David Goodwin david at palepurple.co.uk
Wed May 30 00:43:53 BST 2012


On 29 May 2012, at 22:39, Julian Tenney wrote:

>> Well, it's not ready/finished/working, and hasn't been tested… 
> 
> I think we are approaching a 'code freeze' point. We need to get the things in that are going in and leave (for now at least) the things that aren't: only you guys know where you are up to on the various things you each have going on. Getting the main Xerte standlone exe built is a great milestone, but we do still need to properly test the 'gold' toolkits code. There is the issue of timings, discussed yesterday.



Hi,

Find attached a patch which takes me up to where I got to with changing the authentication stuff.

Namely :

1. There are some changes to the LDAP module - this partly conflicts with Pat's renaming of $eureka_username. I think I removed the (what seemed) duplication of code between an anonymous bind and authenticated bind - but I've not had a chance to test it, so I could have screwed stuff up.

2. Each 'module' (Static, Db, Ldap etc) should now have a 'getForm()' method (they're not all complete) which is responsible for returning a Zend_Form object. The intention is that when going through the /setup process, the user is firstly given a drop down allowing them to choose which authentication agent they wish to use. After choosing one (e.g. Xerte_Authentication_Db), the setup wizard would render the output from Xerte_Authentication_Db::getForm() (i.e. the output from calling $form->render(new Zend_View())). Upon submitting this, and the validators passing, the database would have persisted in it the appropriate config bits which would be used from then on.

3. When authenticating an end user, the Xerte_Authentication_Db adaptor would read from the Db it's options (from step #2 above) and know how to behave. 

4. My current stumbling block is knowing where to draw the line - namely how much flexibility should I put into each of the authentication adaptors and their self-configuration - clearly it would be possible for the Db adaptor to specify a remote database name, database table, database fields, hashing scheme, salting of passwords and so on - which would make it quite complex.  Likewise, the Ldap adaptor could allow the end user to specify all field names, and so on...

5. There's a little bit more than needs doing to Xerte_Authentication_Abstract so that it handles the POSTing of the Zend_Form object, and storing that into the database, but not much.



zcat patch.txt | patch -p0 within the 'trunk' directory should work if anyone wishes to see what I've done and perhaps finish it. It looks increasingly unlikely that I will be able to work on this within the next fortnight.



thanks
David.


Pale Purple Ltd.  (Company No: 5580814)
'Business Web Application Development and Training in PHP'

http://www.palepurple.co.uk   
Office: 0845 0046746     Mobile: 07792380669 

Follow us on Twitter: @PalePurpleLtd




-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch.txt.gz
Type: application/x-gzip
Size: 57041 bytes
Desc: not available
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20120530/1abdf19e/attachment-0001.gz>


More information about the Xerte-dev mailing list