The resolver's job is to take a username and realm, and return some kind of credential value. Basic authentication expects to receive the Base64 encoded version of the user's password. Digest authentication expects to receive a hash of the user's username, the realm, and their password (each separated by colons). Currently, the only supported hash algorithm is MD5.
Zend_Auth_Adapter_Http relies on objects implementing
Zend_Auth_Adapter_Http_Resolver_Interface. A text file resolver
class is included with this adapter, but any other kind of resolver can be created
simply by implementing the resolver interface.
The file resolver is a very simple class. It has a single property specifying a
filename, which can also be passed to the constructor. Its
resolve() method walks through the text file, searching
for a line with a matching username and realm. The text file format similar to
Apache htpasswd files:
<username>:<realm>:<credentials>\n
Each line consists of three fields - username, realm, and credentials - each separated by a colon. The credentials field is opaque to the file resolver; it simply returns that value as-is to the caller. Therefore, this same file format serves both Basic and Digest authentication. In Basic authentication, the credentials field should be written in clear text. In Digest authentication, it should be the MD5 hash described above.
There are two equally easy ways to create a File resolver:
<?php
$path = 'files/passwd.txt';
$resolver = new Zend_Auth_Adapter_Http_Resolver_File($path);
or
<?php
$path = 'files/passwd.txt';
$resolver = new Zend_Auth_Adapter_Http_Resolver_File();
$resolver->setFile($path);
If the given path is empty or not readable, an exception is thrown.