for me? I've used cake before but not with the security component and
now I'm having trouble understanding some code that was written by
somebody else involving the loginRequired() method....
It's a pretty simple app with only a couple of controllers. Here's an
example of what the app controller looks like ...
class AppController extends Controller {
var $components = array('Security');
function beforeFilter() {
$this->Security->requireLogin(
'admin_index',
'admin_edit',
'admin_add',
'admin_delete',
'admin_landing',
array('type' => 'basic',
'users' => array('admin'=>'password'),
'login' => '_logged_in'
)
);
}
function _logged_in($user) {
$this->Session->write('admin', true);
}
}
Now... when I try to go to mysite/mycontroler/admin/index, I get the
HTTP Authentication dialog alright, but it allows me to authenticate
with any username. I can enter 'blah blah' for the username, leave the
password field blank, and it still authenticates.
So I dug into cake/libs/controllers/components/security.php and
noticed that in SecurityComponent::loginCredentials(), it will return
whatever was entered into the dialog, regardless of if it matches the
values specified in the data member SecurityComponent::loginUsers
(which stores the array of username=>password pairs specified in the
call to SecurityCompoenent::requireLogin() inside of
AppController::befireFilter().
I also returning false in the callback, AppController::_logged_in()
but no luck there either.
Any ideas?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
No comments:
Post a Comment