Building PHP Applications with Symfony™, CakePHP, and Zend® Framework by Leszek Nowak, Karol Przystalski, Bartosz Porebski

Chapter 16. User Management

The world will look up and shout 'save us' and I will look down and whisper 'no.'

Rorschach, The Watchmen

WHAT'S IN THIS CHAPTER?

  • RBAC and ACL as basic user management methods.

  • Setting up LDAP.

  • Advanced user management with LDAP.

How should a web application be secured against unauthorized access? We want to explore this topic as deeply as possible in this chapter because of its significance and the severe consequences of neglecting security. The first major section of this chapter, "Basic User Management," covers not only the basic security issues, but also dynamic access control and features of specific frameworks.

The second major section of this chapter, "Identifying Users Using LDAP Implementation," is focused on implementing user authorization with LDAP within the frameworks. This is an alternative industry-scale solution, so you can skip this section if you don't need it. However, this knowledge will be invaluable for more advanced users, because it is not easily accessible on the Internet, and it is highly valued among big companies and corporations.

BASIC USER MANAGEMENT

There are many ways to manage user authorization. In the frameworks featured in this book, there are two main user management approaches, RBAC and ACL. They are quite similar, but have some important differences that are described and explained in the following section.

RBAC versus ACL

RBAC, which stands for Role-based Access Control, is more role oriented (roles, not specific users, are ...
