Zend_Auth and more than one record matches the supplied identity
The Zend_Auth Db adapter will fail if you have more than one record returned, which makes sense. However, when I have coded something like this in the past, I would check how many records were returned with a matching username and password. Zend_Auth looks at how many records are returned for the username field regardless of whether the password matches, so you need to have a unique username field. I was trying to use a person’s last name and password to authenticate, but obviously people had the same last name, so it was failling.
February 13th, 2010 at 2:38 pm
Thanks for the heads up. I was having the same problem. I ended up reversing the two fields, since security wasn’t too much of a concern. It is a basic community site where people have to enter in their last name and password in lieu of a username. Since multiple people have the same last name, it was returning false. So I just treated the password as the username field, and the last name as the password, so there are no duplicates. Not sure if this is wise, but the site is very basic and only allows people to post comments when logged in (i.e. no sensitive information is stored).
July 13th, 2010 at 4:34 pm
I had the same issue but instead of doing something like
$result = $auth->authenticate($adapter);
if($result->isValid()){….
Im using this expression
if($result->getCode() == Zend_Auth_Result::SUCCESS || $result->getCode() == Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS){…
This allowed me to have ambigous identity, which wouldnt hurt since credential is unique.
July 14th, 2010 at 4:17 pm
@Rolando - nice, that’s a clean way to have a non-unique identity.