Digest Authentication - Zend_Auth
» Digest authentication is a method of HTTP authentication that improves upon » Basic authentication by providing a way to authenticate without having to transmit the password in clear text across the network.
This adapter allows authentication against text files containing lines having the basic elements of Digest authentication:
username, such as "joe.user"
realm, such as "Administrative Area"
MD5 hash of the username, realm, and password, separated by colons
The above elements are separated by colons, as in the following example (in which the password is "somePassword"):
- someUser:Some Realm:fde17b91c3a510ecbaf7dbd37f59d4f8
The digest authentication adapter, Zend_Auth_Adapter_Digest, requires several input parameters:
filename - Filename against which authentication queries are performed
realm - Digest authentication realm
username - Digest authentication user
password - Password for the user of the realm
These parameters must be set prior to calling authenticate().
The digest authentication adapter returns a Zend_Auth_Result object, which has been populated with the identity as an array having keys of realm and username. The respective array values associated with these keys correspond to the values set before authenticate() is called.
- $adapter = new Zend_Auth_Adapter_Digest($filename,
- $result = $adapter->authenticate();
- $identity = $result->getIdentity();
- [realm] => Some Realm
- [username] => someUser