Zend_Authentication Component Proposal

Darby Felton and Gavin Vess made a proposal for Zend_Authentication. I went through it and did some research. Here’s my point of view.

Authentication is any process by which you verify that someone is who they claim they are. This usually involves a username and a password, but can include any other method of demonstrating identity.

Access control, however, is a much more general (and very abstract) way of talking about controlling access to a web resource. Access can be granted or denied based on a very wide variety of criteria, such as the network address of the client, username, password, the time of day, the phase of the moon, or the browser which the visitor is using.

These techniques are so closely related in most real applications that it is difficult to talk about them separately. However, I think this is a pretty big design decision that has to be made: do we distinguish between the two, or do we wrap them in one class?

I would like to ask for brainstorm time, where we can openly consider all ideas to help synthesize a final proposal, before further decisions are made.

1 Comment so far »

  1. stefan said,

    Wrote on September 22, 2006 @ 6:52 pm

    They are definitely completely separate entities, if you ask me. Access control may be used even when no authentication is being used, and authentication can be a stand-alone thing happening, even for external resources where the actual access control is done externally.

    Also, it is easier to create the two separately and then in your code combine them for your use, than to create them as one class, and then try to split the functionality. Also, with both flexibility and SOA in the back of my head, separation of as many pieces as possible (up until a certain limit of course) would definitely be the best approach.
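The split discussed in the post and in the comment above, sketched as an added example (not code from the Zend_Authentication proposal or from Zend Framework). The class names, rule signature, request fields and sample values are assumptions made for illustration, and PHP 8 is assumed.

```php
<?php
// Added illustration: hypothetical classes, not Zend Framework API.

// Authentication answers only "who is this?" and returns an identity or null.
final class PasswordAuthenticator
{
    private string $dummy;

    public function __construct(private array $hashes) // username => password_hash() output
    {
        $this->dummy = password_hash('unused', PASSWORD_DEFAULT);
    }

    public function authenticate(string $user, string $password): ?string
    {
        // Unknown users are verified against a dummy hash so timing does not reveal valid names.
        $known = isset($this->hashes[$user]);
        $ok = password_verify($password, $known ? $this->hashes[$user] : $this->dummy);
        return ($known && $ok) ? $user : null;
    }
}

// Access control answers only "is this request allowed?"; identity is one optional input.
final class AccessPolicy
{
    private array $rules = []; // callables returning true (allow), false (deny) or null (no opinion)

    public function addRule(callable $rule): void { $this->rules[] = $rule; }

    public function isAllowed(array $request): bool
    {
        foreach ($this->rules as $rule) {
            $verdict = $rule($request);
            if ($verdict !== null) { return $verdict; } // first rule with an opinion wins
        }
        return false; // default deny
    }
}

$policy = new AccessPolicy();
// No authentication involved: deny everything outside 08:00-18:00.
$policy->addRule(fn(array $r) => ($r['hour'] < 8 || $r['hour'] >= 18) ? false : null);
// No authentication involved: allow a constructed internal range (documentation prefix).
$policy->addRule(fn(array $r) => str_starts_with($r['ip'], '192.0.2.') ? true : null);
// Consumes the authenticator's output without knowing how it was produced.
$policy->addRule(fn(array $r) => $r['identity'] === 'alice' ? true : null);

// Constructed sample credentials and requests.
$auth = new PasswordAuthenticator(['alice' => password_hash('correct horse', PASSWORD_DEFAULT)]);
$identity = $auth->authenticate('alice', 'correct horse');
var_dump($policy->isAllowed(['ip' => '198.51.100.7', 'hour' => 10, 'identity' => $identity]));
var_dump($policy->isAllowed(['ip' => '192.0.2.10', 'hour' => 10, 'identity' => null]));
```

The policy decides the second request with no identity at all, and the authenticator can be used on its own when the access decision is made elsewhere.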
