Zend Amf+Auth+Acl == secured AMF communication
December 29th, 2008
Keith Craigo created a great blog post on integrating Zend Auth and Zend ACL for authentication and access control on your Zend Amf service calls. Make sure you check it out. I used a similar setup to connect to OpenID and it took less than a day because of all that is in Zend Auth.
There is something that Keith is missing that I should have updated into SVN today so he can take advantage of it for another blog post. Keith, thanks so much for putting this tutorial together. I greatly appreciate it!
Build a better Login with Adobe Flex, Zend_Amf, Zend_Auth, and Zend_Acl


Wade,
Thank you for taking the time to review and post this too.
Looking forward to the updates.
Awesome Keith, there comes the power of the Zend Framework
@wade keep up the good work.
@Keith Craigo Keith go get the latest trunk and make your third tutorial!
@wadearnold
Wade,
I finally got some spare time to finish the 3rd tutorial, but I wanted to get your permission to use the functions in your post “Zend Amf now with php session support” before I post it. I’ve provided links back to your post in the tutorial and in the source as well.
Thank you again for your hard work.
Keith
@wadearnold
Wade,
The tutorial is now online.
Hello Wade,
I was wondering, in amfphp we had a beforefilter, what would be the equivalent of that in zend_amf?
I have this simple example:
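    class BackendManager {
        public function __construct() {
            // Guard as described below: stop when the user is NOT logged in
            if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== TRUE) {
                return false;
                exit;
            }
        }

        public function getProducts() {
            // Function stuff here…
        }
    }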
So when I call getProducts from Flex, I would like the constructor to check whether a user is logged in, and if not return false and exit the script so that getProducts() won’t be called.
I’m trying to use the constructor the way I used amfphp’s beforefilter, not possible?
I’ve got exactly the same problem as Lasse Moos. How can I implement beforefilter?
Hi Wade,
I agree with the previous two posts, that there needs to be a way to check whether a specific method-call handled by the AMF Server is authorized. My present solution is to check the ZF Access Control List inside every method being called by the AMF Server, but that’s not a very elegant solution.
While we are at it, would it be possible to implement the $server->fault() method? It seems to me that it would just have to duplicate the part of the $server->handle() method responsible for dealing with exceptions thrown by attached functions.
Many thanks for a great AMF server implementation!!
p.
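The central pre-call check the comments above ask for, written in plain PHP as an added example (not code from the post, Zend_Amf or amfphp): one default-deny authorization check runs before any service method, and a denied call throws an exception instead of returning false. `AuthorizingProxy`, the `$rules` map, the `role` session key and the sample data are hypothetical, and wiring the wrapper into an AMF server is not shown.

```php
<?php
// Added example: plain PHP, no framework. AuthorizingProxy, the $rules map,
// the 'role' session key and all sample data are hypothetical.

class BackendManager
{
    public function getProducts()
    {
        return array('widget', 'gadget'); // constructed sample data
    }
}

class AuthorizingProxy
{
    private $service;
    private $rules;   // method name => list of roles allowed to call it
    private $session; // session data, passed in so the check is testable

    public function __construct($service, array $rules, array $session)
    {
        $this->service = $service;
        $this->rules   = $rules;
        $this->session = $session;
    }

    // Every call to the wrapped service passes through here first.
    public function __call($method, $args)
    {
        $loggedIn = isset($this->session['logged_in']) && $this->session['logged_in'] === true;
        $role     = ($loggedIn && isset($this->session['role'])) ? $this->session['role'] : 'guest';
        // Default deny: a method with no rule is callable by nobody.
        $allowed  = isset($this->rules[$method]) ? $this->rules[$method] : array();
        if (!in_array($role, $allowed, true) || !is_callable(array($this->service, $method))) {
            throw new RuntimeException("Not authorized: $method");
        }
        return call_user_func_array(array($this->service, $method), $args);
    }
}

$rules = array('getProducts' => array('member', 'admin'));

$member = new AuthorizingProxy(new BackendManager(), $rules, array('logged_in' => true, 'role' => 'member'));
var_dump($member->getProducts());

$guest = new AuthorizingProxy(new BackendManager(), $rules, array());
try {
    $guest->getProducts();
} catch (RuntimeException $e) {
    echo 'Denied: ', $e->getMessage(), "\n";
}
```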
Hi Wade, how about the OpenID login code you wrote?