
Zend_Auth and clearIdentity()... won't clear my identity.

When I click logout in my application, it simply won't clear my identity. I get redirected back to the index page and I can still see my username, which I echo back just for testing.

I can see the session data on the Linux box under /tmp, so it is being written without a problem; it is just not being cleared.

I just can't figure this one out.



Bootstrap file
======================================================================
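/**
 * Application bootstrap: wires the module autoloader, the ACL/auth access
 * plugin, and the view placeholders (doctype, title, stylesheet, navigation).
 */
class Bootstrap extends Zend_Application_Bootstrap_Bootstrap
{
    /** @var Model_SystemAcl|null ACL shared by the access plugin and the navigation helper */
    private $_acl = null;

    /** @var Zend_Auth|null Zend_Auth singleton, captured in _initAutoload() */
    private $_auth = null;

    /**
     * Registers the module autoloader and the access-check front controller plugin.
     *
     * @return Zend_Application_Module_Autoloader
     */
    protected function _initAutoload()
    {
        $modelLoader = new Zend_Application_Module_Autoloader(array(
            'namespace' => '',
            'basePath'  => APPLICATION_PATH,
        ));

        $this->_acl = new Model_SystemAcl;
        $this->_auth = Zend_Auth::getInstance();

        // Every request passes through Plugin_AccessCheck before dispatch.
        $fc = Zend_Controller_Front::getInstance();
        $fc->registerPlugin(new Plugin_AccessCheck($this->_acl, $this->_auth));

        return $modelLoader;
    }

    /**
     * Sets up the view: doctype, head title, default stylesheet and the
     * ACL-aware navigation container.
     *
     * Reads $this->_acl and $this->_auth, which _initAutoload() assigns, so it
     * relies on that method having run first.
     *
     * @return void
     */
    protected function _initPlaceholders()
    {
        $this->bootstrap('View');
        $view = $this->getResource('View');
        $view->doctype('XHTML1_STRICT');

        // Set the initial title and separator:
        $view->headTitle('My Site')->setSeparator(' :: ');

        // Set the initial stylesheet:
        $view->headLink()->prependStylesheet('/styles/default.css');

        $navContainerConfig = new Zend_Config_Xml(APPLICATION_PATH . '/configs/navigation.xml', 'nav');
        $navContainer = new Zend_Navigation($navContainerConfig);

        // For an anonymous visitor the storage is empty and read() yields no
        // object, so dereferencing ->uType directly raises an error on every
        // logged-out request. Resolve the role defensively and fall back to
        // null (no role), which is what the original expression evaluated to.
        $role = null;
        if ($this->_auth->hasIdentity()) {
            $identity = $this->_auth->getIdentity();
            if (is_object($identity) && isset($identity->uType)) {
                $role = $identity->uType;
            }
        }

        $view->navigation($navContainer)->setAcl($this->_acl)->setRole($role);
    }
}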




Application.ini
======================================================================


; Base section; every other section below inherits from it.
[production]

; Errors and startup errors are not rendered to visitors in production.
phpSettings.display_startup_errors = 0
phpSettings.display_errors = 0
includePaths.library = APPLICATION_PATH "/../library"
bootstrap.path = APPLICATION_PATH "/Bootstrap.php"
bootstrap.class = "Bootstrap"

appnamespace = "Application"

pluginpaths.plugins = "Plugins"

resources.frontController.controllerDirectory = APPLICATION_PATH "/controllers"
; Exception details stay out of the rendered page in production.
resources.frontController.params.displayExceptions = 0
resources.view[] =



resources.layout.layoutPath = APPLICATION_PATH "/layouts/scripts/"



; NOTE(review): the database account and password below are stored in plaintext
; and have been published together with this file. Rotate the password, and keep
; the real value in a file or environment setting that is not shared or committed.
resources.db.adapter = PDO_MYSQL
resources.db.params.host = localhost
resources.db.params.username = omanu
resources.db.params.password = 0m4nu123
resources.db.params.dbname = swimdo_omanu

; Inherits production unchanged.
[staging : production]

; Inherits production, but renders PHP errors.
[testing : production]
phpSettings.display_startup_errors = 1
phpSettings.display_errors = 1

; Inherits production, but renders PHP errors and exception details.
[development : production]
phpSettings.display_startup_errors = 1
phpSettings.display_errors = 1
resources.frontController.params.displayExceptions = 1




AuthenticationController.php
======================================================================


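/**
 * Login and logout actions backed by Zend_Auth and a database-table adapter.
 */
class AuthenticationController extends Zend_Controller_Action
{

    public function init()
    {
        /* Initialize action controller here */
    }

    public function indexAction()
    {
        // action body
    }

    /**
     * Shows the login form and, on a valid POST, authenticates the user and
     * stores the identity row in the Zend_Auth session storage.
     *
     * @return void
     */
    public function loginAction()
    {
        $auth = Zend_Auth::getInstance();

        // Already logged in: send the user to the index page.
        if ($auth->hasIdentity()) {
            $this->_redirect('index/index');
            return;
        }

        $request = $this->getRequest();
        $form = new Application_Form_LoginForm();

        // Only attempt authentication for posted data that passes form validation.
        if ($request->isPost() && $form->isValid($request->getPost())) {
            $authAdapter = $this->getAuthAdapter();
            $authAdapter->setIdentity($form->getValue('email'))
                        ->setCredential($form->getValue('password'));

            $result = $auth->authenticate($authAdapter);

            if ($result->isValid()) {
                // Issue a fresh session id on the privilege change so that an
                // id known before login cannot be reused afterwards.
                Zend_Session::regenerateId();

                // Keep the credential column out of the session: the identity
                // object is serialized to the session store on disk.
                $identity = $authAdapter->getResultRowObject(null, 'uPassword');
                $auth->getStorage()->write($identity);

                $this->_redirect('index/index');
                return;
            }

            // Deliberately generic: do not reveal whether the e-mail exists.
            $this->view->errorMessage = 'Something is wrong!';
        }

        $this->view->form = $form;
    }

    /**
     * Clears the stored identity and sends the browser back to the site root.
     *
     * @return void
     */
    public function logoutAction()
    {
        Zend_Auth::getInstance()->clearIdentity();
        Zend_Session::forgetMe();

        // Retire the session id that belonged to the authenticated session.
        Zend_Session::regenerateId();

        // _forward() expects an action name, and '/' is not one. Redirect
        // instead, so the next page is rendered by a new request that starts
        // without the identity.
        $this->_redirect('/');
    }

    /**
     * Builds the DbTable auth adapter for the `users` table.
     *
     * @return Zend_Auth_Adapter_DbTable
     */
    private function getAuthAdapter()
    {
        $authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Db_Table::getDefaultAdapter());

        // NOTE(review): MD5(?) means passwords are stored as unsalted MD5, which
        // is not adequate for password storage. It is left as-is here because
        // changing it requires re-hashing the stored values (for example with
        // password_hash()/password_verify()) in the same change.
        $authAdapter->setTableName('users')
                    ->setIdentityColumn('uEmail')
                    ->setCredentialColumn('uPassword')
                    ->setCredentialTreatment('MD5(?)');

        return $authAdapter;
    }
}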




AccessCheck.php Plugin

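/**
 * Front controller plugin that checks every request against the ACL and
 * reroutes disallowed requests to the login action.
 */
class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {
        /** @var Zend_Acl|null */
        private $_acl = null;

        /** @var Zend_Auth|null */
        private $_auth = null;

        /**
         * @param Zend_Acl  $acl  ACL queried with (role, controller, action)
         * @param Zend_Auth $auth auth instance whose stored identity supplies the role
         */
        public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
                $this->_acl = $acl;
                $this->_auth = $auth;
        }

        /**
         * Uses the controller name as the ACL resource and the action name as
         * the privilege; a request that is not allowed is rerouted to
         * authentication/login.
         *
         * @param Zend_Controller_Request_Abstract $request
         * @return void
         */
        public function preDispatch(Zend_Controller_Request_Abstract $request) {
                $resource = $request->getControllerName();
                $action = $request->getActionName();

                // $role used to be left undefined for anonymous requests, so the
                // access decision rested on an unset variable. Make the "no role"
                // case explicit. With a null role Zend_Acl should consider only
                // rules that apply to every role; if the ACL registers a dedicated
                // guest role (as the disabled else-branch suggested), assign it here.
                $role = null;

                // Use the injected auth object for both the check and the read.
                if ($this->_auth->hasIdentity()) {
                        $identity = $this->_auth->getIdentity();
                        if (is_object($identity) && isset($identity->uType)) {
                                $role = $identity->uType;
                        }
                }

                if (!$this->_acl->isAllowed($role, $resource, $action)) {
                        $request->setControllerName('authentication')
                                ->setActionName('login');
                }
        }
}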

Ray PaseurCommented:
That's a lot of code to debug, but maybe I can suggest some strategies that will be helpful.  First, on your development copy, set error_reporting(E_ALL); and ini_set('display_errors', TRUE);.  Next, use var_dump($_SESSION); and use var_dump() with any other variables that might be in play.  When you can visualize the data, it will be much easier to see what is going on.  Take the dumps and the display_errors setting back out before the code goes live, because the session holds the stored identity row.
 
bradnzAuthor Commented:
Thanks Ray, your tips helped.

What I ended up doing was writing to Zend_Registry and doing some trial and error to establish what was going on... eventually I got to the fact that the code was not even being run!!! Dammit!
I had an issue in the ACL in another file!! Gutted! Spent a day or so looking at this!

All good now though. Thanks