[Solar-talk] Alternate authentication object for Solar_User

[Paul M Jones]

On Mar 17, 2008, at 10:45 , Leo Chiao wrote:

> In your suggestion for writing a adapter to manage multiple auth  
> stores, wouldn't that necessitate the need to also write an  
> alternative to Solar_Auth_Adapter as there would no longer a single  
> "auth" instance to authenticate against.

That is the implication, yes.  The custom auth adapter might, for  
example, extend from Solar_Auth_Adapter to override various methods to  
look at whatever auth stores it knows about.


> Let me explain my situation in a little more detail.  I am  
> developing an e-commerce app where you can create multiple stores.  
> To start, there is a users table where consumers account information  
> is stored as in any normal store and that is the first  
> authentication source.  The second auth source is for the scenario  
> where a store requires a unique login/password just to view the  
> store. There is no relationship between the two auth sources for  
> various business reasons.
>
> If my explanation is clear, do you still go with your original  
> recommendation versus using two Solar_User instances?

It sounds like you need to maintain two completely separate user  
accounts, essentially for different sites, each with its own  
authentication, roles, access controls, etc?  In that case, your  
original assessment would seem to be the correct one.  Sorry to add  
noise.


-- pmj