authentication
authentication copied to clipboard
cakephp
Authentication plugin for CakePHP. Can also be used in PSR7 based applications.
Hello. I'm seeing something weird in my app right now when calling `Authentication->setIdentity`. The `Session.ini.session.cookie_path` is getting overriden with `/`. In `Cake\Http\Session` I can see an empty array sent to...
@markstory I found inconsistency for unauthorized response between `HttpBasicAuthenticator` and `TokenAuthenticator` when the user is trying to access with the wrong credentials. I am not sure if this is intended...
This is a rough draft implementation of PASETO (Platform Agnostic Security Tokens). This supports local symmetric keys and public asymmetric keys, but does not yet have support for keyrings and...
Adds an option to start TLS on connection to an LDAP server. Defaults to false.
This is meant to gather your thoughts on support for cachedKeySets. Instead of providing an array with keys to jwks and URL could be passed which is then fetched and...
Hi, My institute uses [Shibboleth](https://shibboleth.atlassian.net/wiki/spaces/CONCEPT/overview) as SSO. After identification by the identity provider, the credentials are injected as environment variables by the http server. This authenticator is a TokenAuthenticator but:...
Refs https://github.com/cakephp/authentication/issues/361 It would be nice to have a less hacky way of $this->Authentication->allowUnauthenticated([$this->request->getParam('action')]); I can understand that not using any argument does not feel "safe" by default. As such,...
See https://symfony.com/doc/current/security/login_link.html probably similar to the Token authenticate, but more stateful, and probably with a similar hashing algo. The database approach would be something that could be custom user land...