Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

IBM developerWorks:
Implement access control with Agavi
Oct 28, 2009 @ 14:50:09

The IBM developerWorks website has posted the sixth part of their tutorial series on the Agavi framework from Vikram Vaswani. This time he focuses on creating an access control system for their sample application.

Agavi's focus on application security doesn't end with input validation. The framework also exposes a powerful user authentication and access control subsystem that you can customize it to meet the requirements of almost any Web application. This subsystem supports both simple login-based authentication and more complex role-based access control (RBAC), and it provides a solid foundation for application-level privilege management and manipulation.

He introduces the three main principles - passwords, privileges and roles - and shows how to use them with login validation and setting up the user roles (as fetched from a database table). Code examples and screenshots are included as well as a download package of everything.

tagged: access control agavi framework tutorial

Link: