Zend Framework Auth with examples

6 Nov

Zend_Auth provide API for authentication, not authorization.
Authentication determine whether entity actually is what is purports to be, while authorization is the process of deciding whether or not allow entity to access particular resources.
Zend Framework uses Zend_Authentication and Zend_Acl for authorization. I have already discussed Zend Acl with example. Here I am going to discuss Authentication via Zend_Auth component.
Zend Framework provide different authentication adapters classes for authentication, such as adapter class for authentication against database table, adapter class for Http authentication and LDAP authentication etc. You can find these classes in Zend/Auth/Adapter/ directory.
You can either use these provided adapters or can build your own adapter and use them for authentication.
To create your own adapter you will need to implement Zend_Auth_Adapter_Interface and define its method authenticate.
Lets see how you can create custom adapter for authentication.
Before writing the code, create My/Auth/Adapter.php under library folder. and then add the following code in this file.
class My_Auth_Adapter implements Zend_Auth_Adapter_Interface
protected $_username;
protected $_password
public function __construct($username,$password)
public function authenticate()
if(in_array($this->_username,$users) && !in_array($this->password,$users)) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID,$this->_username)
if(!in_array($this->_username,$users) && in_array($this->password,$users)) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,$this->_username)
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS)

In the above code we first implement Zend_Auth_Adapter_Interface that provide single method authenticate() to be overridden.
Next we define our constructor, assigning $usename and password to protected attributes.
And then the magic method arrive. Our authenticate() method has all the logic.
we are first defining our array or users-in our case we have only one user with password(12345).
Next we check username and password given to our constructor again values in our $users array.
In first condition
if(in_array($this->_username,$users) && !in_array($this->password,$users)) {
we check if username is valid but password is unvalid, we return indentity invalid code.
while in the second if condition we check if password is valid, but username is unvalid then we return credential unvalid code.
At the end if both username and passwords are correct, we return success code.
Based on these codes we then show different messages to the users.
We have implemented very simple code here, however you can have very complex code. you can even read already store usernames and passwords form text file, database or any other storage, compare username and password provided with those stored ones and return different Zend_Auth_Result codes.
That is we have now our own custom authentication adapter.
Next you will need to call this adapter somewhere in your code- in Controller/action.
Write code something like this.

$auth = Zend_Auth::getInstance();
$result= $auth->authenticate(new My_Auth_Adapter($_POST['username'],$_POST['password']));
echo 'user name is unvalid';
echo 'unvalid password provided';
echo 'authentication successful.move forward';

In the above code we first get instance to the Zend_Auth. then call its magic method authenticate() and pass our custom adapter.
we then get code by calling getCode() method and define our switch statement.
that’s it our custom authentication.


4 Responses to “Zend Framework Auth with examples”

  1. Henrique Moody July 21, 2009 at 10:39 pm #

    Thanks for this post! Helped me a lot

  2. quellen August 23, 2009 at 8:07 pm #

    Thanks a lot, very useful spot!

  3. vanoode December 22, 2009 at 2:04 am #

    Thanks its great 🙂

  4. yippady January 6, 2010 at 10:52 am #

    thank you
    this example help me a lot


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: