CKFinder est le filemanager de CKEditor, lors de sa configuration, il faut le sécuriser, pour cela, il a une fonction "CheckAuthentication()" qui retourne false par défaut.
dans le cadre d'un zend framework, le sécurisation peut se faire comme suit :
session_start(); function CheckAuthentication() { // WARNING : DO NOT simply return "true". By doing so, you are allowing // "anyone" to upload and list the files in your server. You must implement // some kind of session validation here. Even something very simple as... // return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized']; // ... where $_SESSION['IsAuthorized'] is set to "true" as soon as the // user logs in your system. To be able to use session variables don't // forget to add session_start() at the top of this file. //return true; return !empty($_SESSION['Zend_Auth']['storage']); }