[fw-auth] ambiguos identity in Zend_Auth_Adapter_DbTable

Hi people,

i had some problems using Zend_Auth_Adapter_DbTable (v1.8.4)

Zend auth adapter works fine for table that contains just users from a single system, but if you make a shared table for authentication, this can generate a problem

for example, table user:
-----------------------------------
| username | password | system_id |
-----------------------------------
|  renanbr | md5(123) |        10 |
|  renanbr | md5(123) |        20 |
-----------------------------------

if you do this:

$adapter = Zend_Auth_Adapter_DbTable();
$adapter->setTableName('user')
        ->setIdentityColumn('username')
        ->setCredentialColumn('password')
        ->setCredentialTreatment('md5(?) and system_id = 20')
        ->setIdentity('renanbr')
        ->setCredential('123');
$result = Zend_Auth::getInstance()->authenticate($adapter)->isValid();

$result is false, the error code is Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS, but just one row has "zend_auth_credential_match = 1"

i think Zend_Auth_Adapter_DbTable::_authenticateValidateResultSet() should check this column (zend_auth_credential_match) and throw error just when "zend_auth_credential_match" is "1" more than one row

OR

Zend_Auth_Adapter_DbTable::_authenticateCreateSelect() should separate password treatment from select where, this way the select won't generate more than 1 row


i've fixed that in my application overwriting Zend_Auth_Adapter_DbTable::getDbSelect(), i put my filters there, but i would like to do this using just Zend_Auth_Adapter_DbTable


what do you think about? is there a better solution for that?

--
Renan de Lima Barbosa
gtalk/msn: renandelima@gmail.com
skype: renandelima
+55 61 8166-7755
renandelima.com