auth::guard()
PEAR::Auth is a package that allows you to abstract the user authentication from the main part of your application and not worry about it. What is good about the package is that it comes with different "containers" that allows you to authenticate users against different storages, I mean you can store users data in a database and use the PEAR::DB or PEAR::MDB2 containers, or you can use flat files, IMAP servers, SOAP and what not. And the package is easily extensible. So I played around with creating an SAP container that allows you to check users against your company's SAP system and for example build a section of your Internet (or Extranet) page that is only accessible for people and partners that exist as users in the SAP system.
PEAR :: Auth是一个程序包,它使您可以从应用程序的主要部分抽象出用户身份验证,而不必担心。 该软件包的优点是它带有不同的“容器”,可让您针对不同的存储对用户进行身份验证,这意味着您可以将用户数据存储在数据库中并使用PEAR :: DB或PEAR :: MDB2容器,或者您可以使用平面文件,IMAP服务器,SOAP等。 而且该软件包易于扩展。 因此,我尝试创建一个SAP容器,该容器可让您对照公司的SAP系统检查用户,例如,构建Internet(或Extranet)页面的一部分,该页面仅可供SAP系统中作为用户存在的人员和合作伙伴访问。 。
In order to connect to an SAP system with PHP you need the SAPRFC PHP extension. Get it here. Then you use the function saprfc_open() (more docs here) to establish a connection. You provide some info about the SAP system as well as your username/password. Once connected, a so-called "SSO ticket" is generated for you. This is just a long string, like a session ID. For consecutive connections you can use this SSO ticket instead of providing username/password every time. BTW, SSO stands for Single Sign-On.
为了使用PHP连接到SAP系统,您需要SAPRFC PHP扩展。 在这里得到它。 然后,您可以使用函数saprfc_open()(此处有更多文档)来建立连接。 您提供一些有关SAP系统以及您的用户名/密码的信息。 连接后,将为您生成一个所谓的“ SSO票证”。 这只是一个长字符串,如会话ID。 对于连续连接,您可以使用此SSO票证而不是每次都提供用户名/密码。 顺便说一句,SSO表示单点登录。
Now, with my little SAP container you can benefit from the PEAR and PEAR::Auth infrastructure to do the logins. The way to do an authentication is simple (example stolen in parts from this PEAR manual entry). You pass the connection options (such as hostname). Then, once the user is authenticated, the container retrieves the SSO session ID and sticks into the Auth session data, so that it's reusable for consecutive connections within the same session. If you need to do more with the SAP system, apart from authenticating users, you can get back the updated connection options and just pass them to saprfc_open(). Here's an example:
现在,使用我的小SAP容器,您可以受益于PEAR和PEAR :: Auth基础结构来进行登录。 进行身份验证的方法很简单(此PEAR手册条目中的部分示例被盗)。 您传递连接选项(例如主机名)。 然后,一旦用户通过身份验证,容器就会检索SSO会话ID并粘贴到Auth会话数据中,以便可用于同一会话中的连续连接。 如果您需要对SAP系统做更多的事情,除了对用户进行身份验证之外,还可以取回更新的连接选项,然后将其传递给saprfc_open()。 这是一个例子:
<?php
// get Auth lib
require_once "Auth.php";
// SAP connection options
$options = array (
'ASHOST' => 'hostname'
);
// create Auth object using the SAP container
$a = new Auth("SAP", $options);
$a->start();
// check
if ($a->checkAuth()) {
// authorised! You can do the protected stuff here
// For example open a connection to the SAP system
// using the stored authentication data
$rfc = saprfc_open($a->getAuthData('sap'));
// show sapinfo if you will
echo '<pre>';
print_r(saprfc_attributes($rfc));
echo '</pre>';
}
?>
And here's the actual Auth_Contaner_SAP class, should be placed in a file called SAP.php in your_pear_dir/Auth/Container/
这是实际的Auth_Contaner_SAP类,应该放在your_pear_dir / Auth / Container /中的SAP.php文件中
<?php
require_once 'PEAR.php';
require_once 'Auth/Container.php';
/**
* Performs authentication against an SAP system
* using the SAPRFC PHP extension.
*
* When the option GETSSO2 is TRUE (default)
* the Single Sign-On (SSO) ticket is retrieved
* and stored as an Auth attribute called 'sap'
* in order to be reused for consecutive connections.
*
* @author Stoyan Stefanov <ssttoo@gmail.com>
* @package Auth
* @see http://saprfc.sourceforge.net/
*/
class Auth_Container_SAP extends Auth_Container {
/**
* @var array Default options
*/
var $options = array(
'CLIENT' => '000',
'LANG' => 'EN',
'GETSSO2' => true,
);
/**
* Class constructor. Checks that required options
* are present and that the SAPRFC extension is loaded
*
* Options that can be passed and their defaults:
* <pre>
* array(
* 'ASHOST' => "",
* 'SYSNR' => "",
* 'CLIENT' => "000",
* 'GWHOST' =>"",
* 'GWSERV' =>"",
* 'MSHOST' =>"",
* 'R3NAME' =>"",
* 'GROUP' =>"",
* 'LANG' =>"EN",
* 'TRACE' =>"",
* 'GETSSO2'=> true
* )
* </pre>
*
* @var array array of options.
*/
function Auth_Container_SAP($options)
{
$saprfc_loaded = PEAR::loadExtension('saprfc');
if (!$saprfc_loaded) {
return PEAR::raiseError('Cannot use SAP authentication, '
.'SAPRFC extension not loaded!');
}
if (empty($options['R3NAME']) && empty($options['ASHOST'])) {
return PEAR::raiseError('R3NAME or ASHOST required for authentication');
}
$this->options = array_merge($this->options, $options);
}
/**
* Performs username and password check
*
* @var string Username
* @var string Password
* @return boolean TRUE on success (valid user), FALSE otherwise
*/
function fetchData($username, $password)
{
$connection_options = $this->options;
$connection_options['USER'] = $username;
$connection_options['PASSWD'] = $password;
$rfc = saprfc_open($connection_options);
if (!$rfc) {
$message = "Couldn't connect to the SAP system.";
$error = $this->getError();
if ($error['message']) {
$message .= ': ' . $error['message'];
}
PEAR::raiseError($message, null, null, null, @$erorr['all']);
return false;
} else {
if (!empty($this->options['GETSSO2'])) {
if ($ticket = @saprfc_get_ticket($rfc)) {
$this->options['MYSAPSSO2'] = $ticket;
unset($this->options['GETSSO2']);
$this->_auth_obj->setAuthData('sap', $this->options);
} else {
PEAR::raiseError("SSO ticket retrieval failed");
}
}
@saprfc_close($rfc);
return true;
}
}
/**
* Retrieves the last error from the SAP connection
* and returns it as an array.
*
* @return array Array of error information
*/
function getError()
{
$error = array();
$sap_error = saprfc_error();
if (empty($err)) {
return $error;
}
$err = explode("\n", $sap_error);
foreach ($err AS $line) {
$item = split(':', $line);
$error[strtolower(trim($item[0]))] = trim($item[1]);
}
$error['all'] = $sap_error;
return $error;
}
}
?>
Tell your friends about this post on Facebook and Twitter
在Facebook和Twitter上告诉您的朋友有关此帖子的信息
auth::guard()
2508
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
