This plugin can be deactivated if the project doesn’t need to protect access to its services.

On a service object, the plugin looks for a method called _getMethodRoles. If the method exists, the plugin will look for a role in the session that matches the role. If the roles don’t match, an Exception is thrown. The _getMethodRoles takes a parameter $methodName, and must return an array of strings containing acceptable roles for the method. If the return value is null, it is considered that that particular method is not protected.

For example:

public function _getMethodRoles($methodName){
if($methodName == 'adminMethod'){
return array('admin');
return null;

To authenticate a user, the plugin looks for a ‘login’ method. This method can either be called explicitly, or by setting a header with the name ‘Credentials’, containing {userid: userid, password: password}, as defined by the AS2 NetConnection.setCredentials method. It is considered good practise to have a ‘logout’ method, though this is optional The login method returns a role in a ‘string’. It takes 2 parameters, the user id and the password. The logout method should call AmfphpAuthentication::clearSessionInfo();

See the AuthenticationService class in the examples for an example of an implementation.

See here for the generated doc.

Laissez un commentaire

News letter

Evénements Silex Labs sur Paris et sa région: Inscrivez vous à la Newsletter mensuelle

Silex Labs community Tweets

Facebook page