CHAPTER 3User Authentication, Authorization, and Management
In Chapter 2 we looked at the Model-View-Controller design pattern, which allowed us to easily separate our application logic from the display logic, and we implemented it using
Zend_Controller_Front. We will now extend our application controller to deal with user authentication, user authorization, and user management.
At this stage, you may be wondering what the difference between authentication and authorization is.
- Authentication: Determines whether a user is in fact who they claim to be. This is typically performed using a unique username (their identity) and a password (their credentials).
- Authorization: Determines whether a user is allowed to access a particular resource, given ...