Re: [amfphp] _authenticate in every role-service?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

That's a good point you've brought there. The thing is that 
it's not desirable in most situations to be able to 
authenticate the user in one service and that auth being 
carried over to other services. If you had two services 
which used 'admin' as a role and roles carried over, then 
one person could login to one service and freely access the 
other, completely unrelated service. But I do see how you 
would want to share auth in your case. I'll try to figure 
out a good workaround for that.

Patrick

Sönke Rohde wrote:
> Hello,
> I already posted with no answer and now I'd like to shorten my question:
> Does every service using roles has to imlpement the _authenticate-method?
> 
>>From my tests it is not required when calling different services with roles
> from the same AS 2.0 class. When calling from different classes the
> execption code 256 is thrown but the role-restricted service is working.
> Is this the final behaviour or does it change in the final amfphp 1.0?
> 
> I would expect implementing _authenticate once in the service where
> setCredentials is called and then the information is saved in the amfphp
> session.
> 
> Thanks,
> Sönke
> 
> 
> 
> 
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_ide95&alloc_id396&opÌk
> _______________________________________________
> amfphp-general mailing list
> amf...@li...
> https://lists.sourceforge.net/lists/listinfo/amfphp-general
> 