FW: [dev] Single Sign-On
Thomas Fichtenbauer
thomas.fichtenbauer@mamilade.at
Mon Nov 18 04:39:45 2002
> I would suggest something like:
>
> function getAuth()
> {
> global $conf;
> $auth = &Auth::singleton($conf['auth']['driver']);
> if ($auth->hasCapability('transparent') {
> $auth->getAuth();
> }
>
> if (array_key_exists('__auth', $_SESSION)) {
> if (!empty($_SESSION['__auth']['authenticated']) &&
> !empty($_SESSION['__auth']['userID'])) {
> return $_SESSION['__auth']['userID'];
> }
> }
>
> return false;
> }
>
> This way the auth-extension is free to handle all the checks
> needed, including the timeout issues. And the code in Auth.php
> is simple enough for all the others not to make mistakes.
>
> What do you think? Would you accept such a change?
I assume that inner call should be $auth->transparent()? What you have there
is infinite recursion.
This adds a fair amount of overhead to Auth::getAuth(), unfortunately. Why
don't you just have your PHP sessions expire after 30 minutes (or whatever
your other auth system times out after)?
-chuck
--
Charles Hagenbuch, <chuck@horde.org>
"People ask me all the time what it will be like living without otters."
- Google, thanks to Harpers
More information about the dev
mailing list