Friday, May 1, 2009

Re: Auth ignoring Session, redirecting to login under heavy load.

Hello Brian,

about PLESK:

1. Your DOCUMENT ROOT will be something like
/var/www/domains/domain.tld/httpdocs you will need to change that via
ssh for instance. You can do that multiple ways but the PLESK way is to
go to /var/www/domains/domain.tld/conf/ and add vhost.conf there which
only has DocumentRoot /foo/bar. vhost is included by PLESK (at least on
HostEurope).

2. I had issues with unix permissions. There are some users and some
groups and you can only have one user and group. Webserver runs on
root and/or www-data - I did not understand that fully why it even
runs under root. FTPUser (so that you can change/add files) is
something like ftpDOMAIN and then there is something like psacln
GROUP. I played around with switching groups and users to www-data
and/or root - sometimes webserver worked sometimes ftp. Finally I went
with very open unix permissions :/

In my /var/www/domains/domain.tld/httpdocs/web/ (inside that lie
my ./app and ./cake folders)

chown -R ftpDOMAIN:psacln .
chmod -R 755 .

./app/tmp required even 777 as well as ./app/webroot/uploads (there
go my MeioUpload uploads)

I even wonder why I need execute flag to be able to use FTP (no
joke) :/.
PLESK is a mess, I am weak on the linux side but PLESK is really
bad :/.
At domainfactory for instance (which costs more, yes) you can just set
your Document Root per subdomain in a web interface, PLESK with all
its useless stuff cannot do that.

On Apr 30, 6:51 pm, brian <bally.z...@gmail.com> wrote:
> On Thu, Apr 30, 2009 at 5:04 AM, Jonas Hartmann
>
> <j0n4s.h4rtm...@googlemail.com> wrote:
>
> > Hello,
>
> > I have an issue with deploying my cake application. Running local on
> > Mac OS X it works like a charm. After uploading it to a Ubuntu based
> > VHost on HostEurope I had some headaches with PLESK and its strange
> > standard unix permission setup.
>
> OT: I'd appreciate it if you posted a quick message discussing some of
> the problems you encountered with Plesk and the solutions you found.
> I'll soon be deploying something to a Plesk server and, though I've
> found a few comments about that online, I haven't seen much in the way
> of answers.
>
>
>
> > I lose my session from time to time under heavy load. This happens
> > with either php, cake or database sessions, I have tried all of them.
> > It happens when for instance I run
> > http://www.domain.tld/admin/categories/index
> > multiple times in Firefox-Tabs at once - thus, if I fire multiple
> > http requests very shortly after each other. I have no clue if
> > multiple users firing multiple events would lead to the same issue,
> > yet (that would be even worse).
>
> > I got the latest SVN head from 1.2 stable and just uploaded it to make
> > sure that it is not already fixed / an internal problem.
>
> > I am looking forward to your help/tips in regards to:
>
> > a.) My small controller code, quoted below?
> > b.) Debugging tips - how should I continue to understand what the
> > problem is?
>
> > I have disabled cache and debugging is on 2.
>
> > This is how I test against routing prefix admin. I do not know if it
> > is the best or recommended way. I would welcome suggestions. Best
> > would be if the problem would be fixed afterwards
>
> > <?php
>
> > class AppController extends Controller {
>
> >        var $helpers = array('Html', 'Form', 'Javascript', 'Time');
> >        var $components = array('Cookie', 'Session', 'Auth');
>
> >        function beforeFilter() {
> >                if(isset($this->params['prefix'])) {
> >                        if($this->params['prefix'] == 'admin') {
> >                                Configure::write('debug', 2);
> >                                $this->Auth->deny('*');
> >                                $this->Auth->allow('login');
> >                        } else {
> >                                $this->Auth->allow('*');
> >                        }
> >                } else {
> >                        $this->Auth->allow('*');
> >                }
> >        }
>
> > }
> > ?>
>
> You should never include 'login' in allow().
>
> This is how I have things working:
>
> AppController:
> function beforeFilter()
> {
>         $this->Auth->fields = array('username' => 'email', 'password' => 'password');
>         $this->Auth->loginError = 'No matching user found.';
>         $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
>         $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'display', 'home');
>         $this->Auth->autoRedirect = false;
>         $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
>
>         /* Auth will check controller's isAuthorized()
>          */
>         $this->Auth->authorize = 'controller';
>
>         /* I have no public pages, so I need a better authError
>          * than the default 'You are not authorized to access that
>          * location.' for users who haven't logged in yet.
>          */
>         if (!$this->Session->read('User'))
>         {
>                 $this->Auth->authError = 'Please log in';
>         }
>
>         $admin = Configure::read('Routing.admin');
>         if (isset($this->params[$admin]) && $this->params[$admin])
>         {
>                 $this->layout = 'admin';
>         }
>
> }
>
> function isAuthorized()
> {
>         $admin = Configure::read('Routing.admin');
>         if (isset($this->params[$admin]) && @isset($this->params['prefix'][$admin]))
>         {
>                 /* see User::login()
>                  */
>                 if ($this->Auth->user('admin') == 0)
>                 {
>                         return false;
>                 }
>         }              
>         return true;
>
> }
>
> UsersController:
>
> public function login()
> {
>         if ($user = $this->Auth->user())
>         {
>                 /* All my Groups below 4 are some kind of admin
>                  */
>                 if ($this->Auth->user('group_id') > 3)
>                 {
>                         $this->redirect($this->Auth->loginRedirect);
>                 }
>
>                 /* This User is an admin. You might already have an
>                  * 'admin' field in your table. I chose not to so I set it
>                  * in Auth's session values.
>                  */
>                 $this->Session->write('Auth.User.admin', 1);
>
>                 /* The redirect for an admin can be whatever you need
>                  */
>                 $this->redirect(
>                         array(
>                                 'controller' => 'admin',
>                                 'action' => 'index',
>                                 'admin' => 1
>                         )
>                 );
>         }
>
> }
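
Added example (not part of the original message, and not CakePHP or PLESK code): a check of the tree from point 2 above for world-writable paths, and a way to replace 777 on app/tmp and app/webroot/uploads with owner-plus-group access. It assumes a group, passed as the second argument, that contains both the FTP user and the web server user; the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: one group contains both the FTP user and the web server user,
# so the writable directories do not need to be open to "other".

# Print every world-writable file or directory below the given root.
# Symlinks are skipped because their own mode bits are always 777.
list_world_writable() {
    find "$1" -perm -0002 ! -type l -print
}

# Tighten the two directories the post opened to 777.
#   $1 = path to the CakePHP app directory (the ./app from the post)
#   $2 = shared group (assumed, see above)
# Directories become 2770: setgid, so new files inherit the group.
# Files become 660: owner and group may read/write, nobody may execute.
harden_writable_dirs() {
    app_root=$1
    group=$2
    for d in "$app_root/tmp" "$app_root/webroot/uploads"; do
        [ -d "$d" ] || continue
        chgrp -R "$group" "$d" || return 1
        find "$d" -type d -exec chmod 2770 {} + || return 1
        find "$d" -type f -exec chmod 660 {} + || return 1
    done
}

# Example invocation, run from the directory that holds ./app
# ("webgroup" is a placeholder group name):
#   harden_writable_dirs ./app webgroup
#   list_world_writable ./app    # should print nothing afterwards
```

Anything list_world_writable still prints after the second function has run lies outside the two directories named in the post.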
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
-~----------~----~----~----~------~----~------~--~---