I think that what you're after would depend on the size and design of the application. Ideally, you would just filter access based on modules. This is really easy to do in Zend Controller Plugins. Another way would be to specify your own prefixes to actions that are protected. A more sophisticated approach would be a "role"-based method where each user has a role and a lookup is made against a resource (the action requested) and their own ACL.

I noticed in this screen cast you mentioned re-factoring the authentication check code into a controller plug-in.

I'm just after your advice of how you might do this?

Would you have an array to specify which controllers require authentication and an array to specify which actions require authentication? So that you can lock out an entire controller or just specific actions?

You've really helped me with learning Zend Framework, thank you!

Cheers,
Ryan

Grab a copy of the project or browse the repository.

ServerGrove will be sponsoring 3 videos this month! ServerGrove specializes in Zend Framework hosting and they've offered a 10% rebate on hosting with coupon code "zc". If you're looking for a host, be sure to check them out (referral). They've also added an additional coupon for "Mini Hosting" plans, get $2 off by using code "zcmini".