’authenticate’ => array(
’Form’ => array(
’fields’ => array(’username’ => ’email’)
)
)
)
);
In addition to the common configuration, Basic authentication supports the following keys:
• realm The realm being authenticated. Defaults to env(’SERVER_NAME’).
In addition to the common configuration Digest authentication supports the following keys:
• realm The realm authentication is for, Defaults to the servername.
• nonce A nonce used for authentication. Defaults to uniqid().
• qop Defaults to auth, no other values are supported at this time.
• opaque A string that must be returned unchanged by clients. Defaults to
md5($settings[’realm’])
Creating Custom Authentication objects Because authentication objects are pluggable, you can create
custom authentication objects in your application or plugins. If for example you wanted to create an OpenID
authentication object. In app/Controller/Component/Auth/OpenidAuthenticate.php you
could put the following:
App::uses(’BaseAuthenticate’, ’Controller/Component/Auth’);
class OpenidAuthenticate extends BaseAuthenticate {
public function authenticate(CakeRequest $request, CakeResponse $response) {
// Do things for openid here.
}
}
Authentication objects should return false if they cannot identify the user. And an array of user information
if they can. It’s not required that you extend BaseAuthenticate, only that your authentication
object implements an authenticate() method. The BaseAuthenticate class provides a number
of helpful methods that are commonly used. You can also implement a getUser() method if your authentication
object needs to support stateless or cookie-less authentication. See the sections on basic and digest
authentication below for more information.
Using custom authentication objects Once you’ve created your custom authentication object, you can
use them by including them in AuthComponents authenticate array:
$this->Auth->authenticate = array(
’Openid’, // app authentication object.
’AuthBag.Combo’, // plugin authentication object.
);