BMC/UUP-AUTH - Authentication library for PHP

The BMC/UUP-AUTH package provides a library for stacking authenticators together to support multiple authentication method in a uniform way.

PAM-like design

Bundled are also restrictors for performing access restriction (i.e. on time of day or the ip-address/hostname). All authenticators in the stack can be set as required or sufficient to enforce logon policy (i.e. require CAS-logon from outside of LAN while supporting Kerberos logon from inside).

Documentation

  • The example directory in the source code contains fully working examples.
  • See API docs.

Design

The library is modular. The authenticators are the frontend (credentials obtainers) that might use a validator as authentication source (for example LDAP). The authenticator can be combined with a storage object to support logon sessions.

Authenticators can be used in a stack or standalone (single login method). If configuring a stack, use one of the access classes for easy access to chains and authenticators.

Framework

This listing should give an hint on where to find different classes:

    +-- UUP/Authentication/
          +-- Authenticator/        : Authenticator frontend classes.
          +-- Restrictor/           : Restrictor classes.
          +-- Stack/                : Support for stacking authenticators/restrictors.
          +-- Storage/              : Persistance support.
          +-- Validator/            : Authentication support.