Issues

ZF-11694: Zend_Auth::clearIdentity() does not work with objects

Issue Type: Bug Created: 2011-08-25T12:11:38.000+0000 Last Updated: 2011-11-03T00:54:24.000+0000 Status: Closed Fix version(s): Reporter: Egidio Caprino (aegidius) Assignee: Adam Lundrigan (adamlundrigan) Tags: - Zend_Auth

  • zf-caretaker-adamlundrigan
  • zf-crteam-padraic
  • zf-crteam-priority

Related issues: Attachments: - ZF-11694_test.patch

Description

I use an instance of Zend_Auth_Storage_Session as Zend_Auth storage adapter, in this way:

$auth = Zend_Auth::getInstance(); $auth->setStorage(new Zend_Auth_Storage_Session());

When I do user login I save in that storage adapter the row fetched in the database, in this way:

$auth = Zend_Auth::getInstance(); $adapter = new System_AuthAdapter($id, $password); $result = $auth->authenticate($adapter); if ($result->isValid()) { $result = $adapter->getResultRowObject(); $auth->getStorage()->write($result); }

I do logout in this way:

$auth = Zend_Auth::getInstance(); $auth->clearIdentity();

but I am still logged in the system and the storage adapter still have information fetched in the database.

Comments

Posted by Adam Lundrigan (adamlundrigan) on 2011-10-14T16:43:13.000+0000

I attempted to write a unit test to reproduce your case. The only difference is that i'm not using the database authentication adapter:

<pre class="highlight">
    /**
     * @group ZF-11694
     */
    public function testClearIdentityWorksWithObjects()
    {
        // Authenticate the user and confirm
        $adapter = new ZF11694_TestAuthAdapter('test','foobar');
        $result = $this->auth->authenticate($adapter);
        $this->assertTrue($result->isValid());
        $this->assertEquals('ZF11694_User', get_class($result->getIdentity()));
        
        // Write identity to storage and confirm
        $this->auth->getStorage()->write($result->getIdentity());
        $this->assertTrue($this->auth->hasIdentity());
        $this->assertEquals('ZF11694_User', get_class($this->auth->getIdentity()));
        
        // Now erase it and confirm
        $this->auth->clearIdentity();
        $this->assertFalse($this->auth->hasIdentity());
        $this->assertNotEquals('ZF11694_User', get_class($this->auth->getIdentity()));
    }

This test passes. I've attached the full test suite changes in a patch file.

I'm now working on reproducing your error via a ZF test application which uses the database auth adapter.

Posted by Adam Lundrigan (adamlundrigan) on 2011-10-14T17:14:09.000+0000

I have created a simple ZF app (attached) to test Zend_Auth_Storage_Session + Zend_Auth_Adapter_DbTable, and could not reproduce the issue you are reporting. Could you please provide more information on your custom adapter,System_AuthAdapter - specifically what it returns via the getResultRowObject() method?

Posted by Adam Lundrigan (adamlundrigan) on 2011-10-14T17:22:06.000+0000

Previous patch (ZF-11694_test.patch) was FUBARed; it has now been replaced with the correct patch.

Have you found an issue?

See the Overview section for more details.

Copyright

© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts