ZF-11694: Zend_Auth::clearIdentity() does not work with objects

Issue Type:
Bug
Created:
2011-08-25T12:11:38.000+0000
Last Updated:
2011-11-03T00:54:24.000+0000
Status:
Closed
Fix version(s):
    Reporter:
    Egidio Caprino (aegidius)
    Assignee:
    Adam Lundrigan (adamlundrigan)
    Tags:
    • Zend_Auth
    • zf-caretaker-adamlundrigan
    • zf-crteam-padraic
    • zf-crteam-priority
    Related issues:
    Attachments:

    Description

    I use an instance of Zend_Auth_Storage_Session as Zend_Auth storage adapter, in this way:

    $auth = Zend_Auth::getInstance(); $auth->setStorage(new Zend_Auth_Storage_Session());

    When I do user login I save in that storage adapter the row fetched in the database, in this way:

    $auth = Zend_Auth::getInstance(); $adapter = new System_AuthAdapter($id, $password); $result = $auth->authenticate($adapter); if ($result->isValid()) { $result = $adapter->getResultRowObject(); $auth->getStorage()->write($result); }

    I do logout in this way:

    $auth = Zend_Auth::getInstance(); $auth->clearIdentity();

    but I am still logged in the system and the storage adapter still have information fetched in the database.

    Comments

    Posted by Adam Lundrigan (adamlundrigan) on 2011-10-14T16:43:13.000+0000

    I attempted to write a unit test to reproduce your case. The only difference is that i'm not using the database authentication adapter:

    
    /**
     * @group ZF-11694
     */
    public function testClearIdentityWorksWithObjects()
    {
        // Authenticate the user and confirm
        $adapter = new ZF11694_TestAuthAdapter('test','foobar');
        $result = $this->auth->authenticate($adapter);
        $this->assertTrue($result->isValid());
        $this->assertEquals('ZF11694_User', get_class($result->getIdentity()));
        
        // Write identity to storage and confirm
        $this->auth->getStorage()->write($result->getIdentity());
        $this->assertTrue($this->auth->hasIdentity());
        $this->assertEquals('ZF11694_User', get_class($this->auth->getIdentity()));
        
        // Now erase it and confirm
        $this->auth->clearIdentity();
        $this->assertFalse($this->auth->hasIdentity());
        $this->assertNotEquals('ZF11694_User', get_class($this->auth->getIdentity()));
    }

    This test passes. I've attached the full test suite changes in a patch file.

    I'm now working on reproducing your error via a ZF test application which uses the database auth adapter.

    Posted by Adam Lundrigan (adamlundrigan) on 2011-10-14T17:14:09.000+0000

    I have created a simple ZF app (attached) to test {{Zend_Auth_Storage_Session}} + {{Zend_Auth_Adapter_DbTable}}, and could not reproduce the issue you are reporting. Could you please provide more information on your custom adapter,{{System_AuthAdapter}} - specifically what it returns via the {{getResultRowObject()}} method?

    Posted by Adam Lundrigan (adamlundrigan) on 2011-10-14T17:22:06.000+0000

    Previous patch (ZF-11694_test.patch) was FUBARed; it has now been replaced with the correct patch.