Friday, December 4, 2009

Authentication strategy

If I authenticate someone on my site using say an API or my own
usertable in my own database then am I right in thinking that they
will be seen as two separate individuals.
All the authentication is doing is saying that this person is who they
say they are. So for example if I get them logged on via a facebook
account and they add say a blog post then they would not be able to
come back in and log in via the sites own authentication and edit that
blog post as the system has no way of tying both accounts together.

Its a very murky complicated thing this multiple login, and then also
ACL within these accounts ? What is a good strategy to adopt ?
I'm thinking I would like to create a facebook application which is
just really an iframe so they can aythenticate against facebook so
maybe I can capture their facebook username in my database and do
things like that so they always log in through facebook.

Is there a good article online that goes into login strategy to employ
for a new build.
thanks

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en

No comments: