Authentication & Authorization with CakePHP
Why and how authorize and authenticate?
Process of authorization ensures the identity of any user in the system. Removing access or adding access for any user is a completely separate process. To achieve successful authorization CakePHP uses Auth Component. By default Auth works with databases, but you are the boss and can change its configuration to work with anything. LDAP, Radius, and OpenID are some of the most common sources of alternate authentication. You are looking forward to use an Auth component, than you must be aware of its properties like saves password in hash format and best part is it uses only single API for the same.Setting up AuthComponent
You will be required to create a user table with user model. You will have fields of username & password fields. This step helps developers to make the use of most intelligent part built into Auth. Once you are done with the Auth you are all set to add Auth to your controllers var $components.ACL component
This component consist of an easy to use API, identifies, it also create nodes and checks permissions. ACL component is meant to handles hierarchies with ease, allowing inheritance permission in the system.Auth modes and simple auth.
Your Auth component comes with a number of modes, which are able to handle authorization in different situations.Using Auth and Acl’s together.
You will need some aros and acos before you can go for usage of using Auth and Acl simultaneously. You can also use ACL management plugin in order to create few of aros and acos, also set the permissions for your new users along with controllers.
This is how it gets set up and lets you walk around with peace of mind regarding Authorization.