Re: Multiple domains sharing a single database with non-unique user names

On Tue, Jan 15, 2013 at 9:09 AM, <david.suna@gmail.com> wrote:
> I have a Cake 1.3 application that we have been developing for a while. The
> application will support multiple domains and sub domains on a single
> database. We are using the standard ACL for user login and permissions.
> The problem that we have run in to is that the user name space is not unique
> across domains and sub domains. For example, there could be a user jack on
> sub.domain1.com and another user jack on sub2.domain1.com or a user jack on
> sub1.domain2.com. There is another table that contains the relationship
> between users and sub domains / domains using the user_id field in a
> belongsTo relationship. Since the username column in the users table must be
> unique this is problematic. For now we have come up with two approaches.
>
> The first is to change the username to jack@sub.domain1.com. This makes the
> username unique. However, it is cumbersome for the user since they are
> going to a url which is sub.domain.com/login already. Also, it would be a
> problem if the sub domain name is ever changed since all of the usernames
> would contain the old sub domain name.
>
> The other alternative is to change the users table to a view that does a
> join on a shadow users table and the fully qualified domain name. The
> problem with this is that it needs to be an updatable view to allow for
> updating passwords and the requirements in MySQL for an updateable view seem
> rather restrictive. We wouldn't want a change to either of the underlying
> tables to break the login process inadvertently.
>
> The other wrinkle to add in to the mix is that there are some users (system
> administrators) that are not associated with a sub domain / domain so we
> need to support them logging in as well.
>
> For now we are going with the first approach under the assumption that the
> downsides of that approach are less severe. However, I wanted to know if
> anyone else has dealt with this type of configuration and found a better
> alternative.

Go with the first choice, except don't force the user to fill in the
domain part. You could handle that in beforeFilter(). Check if a POST
has been made containing username, and append the domain.

I'm not sure about the admin part. Perhaps you could create an
alternative form for admins to use which sets some flag in the POST so
you don't bother doing the append.

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com.
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.