Section A.1. Authentication

A.1. Authentication

A.1.1. Auth

Repository: PEAR - License: PHP License - By Martin Jansen (lead) - James E. Flemer (developer) - Yavor Shahpasov (lead)

Creating an authentication system.

A.1.1.1 Description

The PEAR::Auth package provides methods for creating an authentication system using PHP.

Currently it supports the following storage containers to read/write the login data:

• All databases supported by the PEAR database layer

• All databases supported by the MDB database layer

• Plaintext files

• LDAP servers

• POP3 servers

• IMAP servers

• vpopmail accounts

• RADIUS

• SAMBA password files

• SOAP

A.1.2. Auth_Enterprise

Repository: - License: PHP License -

Enterprise Authentication & Authorization Service

A.1.2.1 Description

As the name implies, this package aims to provide an enterprise level authentication & authorization service. There are two parts to this package, the service layer which handles A&A requests and a PHP client. Support for other clients (e.g. Java, ASP/VB, etc) is possible further supporting cross-platform enterprise needs. Main features are: 1) Web Service-based 2) implements notion of a Provider which is capable of hitting a specific data store (DBMS, LDAP, etc) 3) Implements a single credential set across a single provider 4) 100% OO-PHP with the client producing a user object that can be serialized to a PHP4 session.

A.1.3. Auth_HTTP

Repository: PEAR - License: PHP License - By Martin Jansen (lead) - Rui Hirokawa (lead)

HTTP authentication

A.1.3.1 Description

The PEAR::Auth_HTTP class provides methods for creating an HTTP authentication system using PHP, that is similar to Apache's realm-based .htaccess authentication.

A.1.4. Auth_PrefManager

Repository: PEAR - License: PHP License - By Jon Wood (lead)

Preferences management class

A.1.4.1 Description

Preference Manager is a class to handle user preferences in a web application, looking them up in a table using a combination of their userid, and the preference name to get a value, and (optionally) returning a default value for the preference if no value could be found for that user. It is designed to be used alongside the PEAR Auth class, but can be used with anything that allows you to obtain the user's id - including your own code.

A.1.5. Auth_RADIUS

Repository: PEAR - License: BSD - By Michael Bretterklieber (lead)

Wrapper Classes for the RADIUS PECL.

A.1.5.1 Description

This package provides wrapper-classes for the RADIUS PECL. There are different Classes for the different authentication methods. If you are using CHAP-MD5 or MS-CHAP you need also the Crypt_CHAP package.

If you are using MS-CHAP you need also the mhash and mcrypt extension.

A.1.6. Auth_SASL

Repository: PEAR - License: BSD - By Richard Heyes (lead) - Michael Bretterklieber (lead)

Abstraction of various SASL mechanism responses

A.1.6.1 Description

Provides code to generate responses to common SASL mechanisms, including:

• Digest-MD5

• CramMD5

• Plain

• Anonymous

• Login (Pseudo mechanism)

A.1.7. LiveUser

Repository: PEAR - License: LGPL - By Markus Wolff (lead) - Arnaud Limbourg (lead) - Lukas Kahwe Smith (lead) - Bjoern Kraus (developer) - Pierre-Alain Joye (contributor) - Helgi ormar (developer)

User authentication and permission management framework

A.1.7.1 Description

Perm_LiveUser is a set of classes for dealing with user authentication and permission management. Basically, there are three main elements that make up this package:

• The LiveUser class

• The Auth containers

• The Perm containers

The LiveUser class takes care of the login process and can be configured to use a certain permission container and one or more different auth containers. That means, you can have your users' data scattered amongst many data containers and have the LiveUser class try each defined container until the user is found. For example, you can have all website users who can apply for a new account online on the webserver's local database. Also, you want to enable all your company's employees to login to the site without the need to create new accounts for all of them. To achieve that, a second container can be defined to be used by the LiveUser class. You can also define a permission container of your choice that will manage the rights for each user. Depending on the container, you can implement any kind of permission schemes for your application while having one consistent API. Using different permission and auth containers, it's easily possible to integrate newly written applications with older ones that have their own ways of storing permissions and user data. Just make a new container type and you're ready to go! Currently available are containers using:

PEAR::DB, PEAR::MDB, PEAR::MDB2, PEAR::XML_Tree and PEAR::Auth.

A.1.8. radius

Repository: PECL - License: BSD - By Michael Bretterklieber (lead)

Radius client library

A.1.8.1 Description

This package is based on the libradius of FreeBSD, with some modifications and extensions. This PECL provides full support for RADIUS authentication (RFC 2865) and RADIUS accounting (RFC 2866), works on Unix and on Windows. Its an easy way to authenticate your users against the user-database of your OS (for example against Windows Active-Directory via IAS).

A.1.9. sasl

Repository: PECL - License: PHP License - By Jon Parise (lead)

Cyrus SASL Extension

A.1.9.1 Description

SASL is the Simple Authentication and Security Layer (as defined by RFC 2222). It provides a system for adding plugable authenticating support to connection-based protocols. The SASL Extension for PHP makes the Cyrus SASL library functions available to PHP. It aims to provide a 1-to-1 wrapper around the SASL library to provide the greatest amount of implementation flexibility. To that end, it is possible to build both a client-side and server-side SASL implementation entirely in PHP.