Section: Use jAcl2 with authentication
« Configure jAcl2.db | ^ jAcl2 : rights management |
− Table of content
jAcl2 needs to interact with the authentication system, to know which user is connected.
When a user account is created or deleted, rights for this user should be created or deleted.
So there are mecanisms allowing both components, rights and authentication, to communicate these informations.
jAcl2 interaction with authentication ¶
jAcl2 needs an object, implementing the interface jAcl2AuthAdapterInterface
,
These interface declares two methods, isUserConnected()
and getCurrentUserLogin()
.
The object can also implement the interface jAcl2AuthAdapterInterface2
which adds two other methods, getUserProfilUrl($login)
and getUserAdminProfilUrl($login)
used for the admin UI of rights.
You must indicate the class of this object into the configuration parameter
authAdapterClass
in the section acl2
.
For jAuth, a such object exists, jAcl2JAuthAdapter
, and is activated by
default. If you are using an other authentication library, you should provide
an other class, compatible with this authentication.
Authentication interaction with jAcl2 ¶
For example, if you use the jCommunity module and jAcl2, you would want a new member to receive "defaults" rights and when he will delete his account, its own rights would also be.
Generically, calling jAuth::saveNewUser()
, jAuth::removeUser()
and
so on, should trigger updates to jAcl2 user rights.
And any other authentication system should trigger such updates.
These triggers could be events, as this is the case with jAuth, which emits
events like AuthNewUser
and AuthRemoveUser
.
The jacl2db module provides a listener to these events, for the db driver of jAcl2.
For other authentication system, you probably have to develop such listeners or other components.