zend_auth and clearidentity... wont clear my identity.

Posted on 2012-08-16
Last Modified: 2012-08-20
When I click logout in my application it simply wont clear my identity. I get redirected back to the index page and I can still see my username which i echo back just for testing.

I can see the session data on the linux box under /tmp so it is being written no problem just not being cleared.

I just can't figure this one out.

Bootstrap file
class Bootstrap extends Zend_Application_Bootstrap_Bootstrap

        private $_acl = null;
        private $_auth = null;

        protected function _initAutoload() {
                $modelLoader = new Zend_Application_Module_Autoloader(array(
                        'namespace' => '',
                        'basePath' => APPLICATION_PATH));

                $this->_acl = new Model_SystemAcl;
                $this->_auth = Zend_Auth::getInstance();

                $fc = Zend_Controller_Front::getInstance();
                $fc->registerPlugin(new Plugin_AccessCheck($this->_acl,$this->_auth));

                return $modelLoader;

        protected function _initPlaceholders()
                $view = $this->getResource('View');

                // Set the initial title and separator:
                $view->headTitle('My Site')->setSeparator(' :: ');

                         // Set the initial stylesheet:
                $navContainerConfig = new Zend_Config_Xml(APPLICATION_PATH . '/configs/navigation.xml','nav');
                $navContainer =  new Zend_Navigation($navContainerConfig);



Open in new window



phpSettings.display_startup_errors = 0
phpSettings.display_errors = 0
includePaths.library = APPLICATION_PATH "/../library"
bootstrap.path = APPLICATION_PATH "/Bootstrap.php"
bootstrap.class = "Bootstrap"

appnamespace = "Application"

pluginpaths.plugins = "Plugins"

resources.frontController.controllerDirectory = APPLICATION_PATH "/controllers"
resources.frontController.params.displayExceptions = 0
resources.view[] =

resources.layout.layoutPath = APPLICATION_PATH "/layouts/scripts/"

resources.db.adapter = PDO_MYSQL = localhost
resources.db.params.username = omanu
resources.db.params.password = 0m4nu123
resources.db.params.dbname = swimdo_omanu

[staging : production]

[testing : production]
phpSettings.display_startup_errors = 1
phpSettings.display_errors = 1

[development : production]
phpSettings.display_startup_errors = 1
phpSettings.display_errors = 1
resources.frontController.params.displayExceptions = 1

Open in new window


class AuthenticationController extends Zend_Controller_Action

    public function init()
        /* Initialize action controller here */

    public function indexAction()
        // action body

    public function loginAction()

        //if already logged in redirect to index
        if (Zend_Auth::getInstance()->hasIdentity()) {

        //get form data
        $request = $this->getRequest();
        $form = new Application_Form_LoginForm();

        //check if posted data
        if($request->isPost()) {
                //cehck iif valid data
                if ($form->isValid($this->_request->getPost())) {
                        $authAdapter = $this->getAuthAdapter();

                        $email = $form->getValue('email');
                        $password = $form->getValue('password');


                        $auth = Zend_Auth::getInstance();
                        $result = $auth->authenticate($authAdapter);

                        if ($result->isValid()) {

                                $identity = $authAdapter->getResultRowObject();
                                $authStorage = $auth->getStorage();


                        } else {
                                $this->view->errorMessage = 'Something is wrong!';


        $this->view->form = $form;


    public function logoutAction()
        $auth = Zend_Auth::getInstance();

    private function getAuthAdapter() {
        $authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Db_Table::getDefaultAdapter());
        return $authAdapter;

Open in new window

AccessCheck.php Plugin

class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {
        private $_acl = null;
        private $_auth = null;

        public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
                $this->_acl = $acl;
                $this->_auth = $auth;

        public function preDispatch(Zend_Controller_Request_Abstract $request) {
                $resource = $request->getControllerName();
                $action = $request->getActionName();

                if (Zend_Auth::getInstance()->hasIdentity()) {
                        $identity = $this->_auth->getStorage()->read();
                        $role = $identity->uType;
                //} else {
                //      $role = 'guest';

                if (!$this->_acl->isAllowed($role, $resource, $action)) {

Open in new window

Question by:bradnz
    LVL 107

    Accepted Solution

    That's a lot of code to debug, but maybe I can suggest some strategies that will be helpful.  First, set error_reporting(E_ALL); and ini_set('display_errors', TRUE);.  Next use var_dump($_SESSION); and use var_dump() with any other variables that might be in play.  When you can visualize the data, it will be much easier to see what is going on.

    Author Closing Comment

    Thanks Ray, your tips helped.

    What I ended up doing was writing to zend_registry and doing some trial and error to establish what was going on... eventually i got to the fact that the code was not even being run!!! damit!
    I had an issue in the acl in another file!! gutted! spent a day or so looking at this!

    All good now though. Thanks

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    In this article you'll learn how to use Ajax calls within your CodeIgniter application. To explain this, I'll illustrate how to implement a simple contact form to allow visitors to send you an email through your web site.
    It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
    The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
    The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now