Authentication Validator #3420

merged 3 commits into from Jan 14, 2013


None yet

3 participants



The Authentication Validator implements a common validator that can be leveraged on forms and the like to be able to ease authentication. It utilizes the AuthenticationService internally providing much of the functionality.


While the example below is explicit; you may specify the identity and credential as fields to be leveraged in the context. This allows for things like an InputFilter inside of a form to set the proper fields.


use Zend\Authentication\Validator\Authentication as AuthenticationValidator;
use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Adapter\Ldap;

$validator = new AuthenticationValidator(
    'adapter' => new Ldap(),
    'service' => new AuthenticationService()


All Authentication Adapters must now extend AbstractAdapter which implements a (set|get)Identity and (set|get)Credential. The adapters do not always have to leverage them such as the case with the Http adapter (which you would not leverage in this context). However, when using the validator the validator requires these columns to be utilized.

@Ocramius Ocramius commented on the diff Jan 12, 2013
+ self::IDENTITY_NOT_FOUND => 'Invalid identity',
+ self::IDENTITY_AMBIGUOUS => 'Identity is ambiguous',
+ self::CREDENTIAL_INVALID => 'Invalid password',
+ self::UNCATEGORIZED => 'Authentication failed',
+ self::GENERAL => 'Authentication failed',
+ );
+ /**
+ * Authentication Adapter
+ * @var Zend\Authentication\Adapter\Adapter
+ */
+ protected $adapter;
+ /**
+ * Identity (or field)
+ * @var string
Ocramius Jan 12, 2013 Member

As we discussed on IRC, you may want to describe why you localized the context.

mwillbanks Jan 13, 2013 Contributor

Actually the localization here is to follow the existing validator patterns. Since validators have error messages that are validates (based on the adapter errors) this is where the error messages come into play. This is why the localization is available.


@mwillbanks I suggest you add a new interface for ValidatableAdapter or similar that defines the accessors and mutators for identity and credential, and have AbstractAdapter implement those, and the validator test for that interface. That will allow adapters to retain BC, both in those shipped and those that end-users write for themselves. The validator can ignore any adapter that does not implement the interface, and/or raise an exception.


sounds like a great idea; that way i can then remove the Http from the AbstractAdapter since it is not leveraged. Should have an update back to you shortly.

@mwillbanks mwillbanks Updated AbstractAdapter based on feedback to provide a validatable ad…
…apter interface, changed contract in the Authentication validator to ensure that the adapter must be a ValidatableAdapterInterface

@weierophinney I've updated based on feedback. In terms of the validator i simply changed the contract to require the adapter to be of type ValidatableAdapterInterface.

@weierophinney weierophinney merged commit 34858eb into zendframework:develop Jan 14, 2013
@weierophinney weierophinney added a commit to zendframework/zend-authentication that referenced this pull request May 14, 2015
@weierophinney weierophinney Merge branch 'feature/3420' into develop eef23f4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment