Access control list (ACL) is a security model. ACL is a way to manage application permissions in a fine-grained, yet easily maintainable and manageable way.
The authentication module of Cake PHP framework has implemented it nicely. Also Zend framework also implemented it. Also in Sourceforge, a project named php generic access control list is available.
My current project uses codeigniter framework. We have faced several problem for authentication system. So that we have decided to implement the ACL to control the authentication system for a controller and a specific function with in the controller.
To implement this we have a configuration file, acl_settings.php in the application/config folder and we make an array for the permission list.
When a controller is going to load, the application call the acl model (acl_model.php) to check the permission. If access available then it allow to make the object of that controller.
Thanks a lot to read this boring post, also i can’t explain it quitely.
