Tuesday, August 4, 2009

Re: SSL protect admin routes

In case it helps anyone in the future, I used a combination of
SSLRequireSSL in Apache's configuration to prevent non-SSL access to
'admin', and an adaptation of this code:

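    // In app_controller.php; the Security component must be listed in $components.
    function beforeFilter() {
        // Routing.admin holds the admin prefix, which is set in params on admin routes.
        if (isset($this->params[Configure::read('Routing.admin')])) {
            // Called whenever the Security component black-holes the request.
            $this->Security->blackHoleCallback = 'forceSSL';
            $this->Security->requireSecure();
        }
    }

    // Black-hole callback: send the client to the same path over HTTPS.
    function forceSSL() {
        $this->redirect('https://' . $_SERVER['SERVER_NAME'] . $this->here);
    }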

to handle the redirect in my custom app_controller. The above example
is from the cook book, here:

http://book.cakephp.org/view/268/Usage

Toby

toby1kenobi wrote:
> Hi Brian & Piotr,
>
> Thanks for replying, much appreciated. Unfortunately the leading
> slash makes no difference I'm afraid, one I'd already tried. And yes
> Piotr, the login path is also in the admin routing.
>
> Any more tips anyone?
>
> Toby
>
> On Jul 28, 7:39 pm, "3lancer.eu" <kilc...@gmail.com> wrote:
> > Hello,
> >
> > >   I'm struggling with something I imagine is extremely easy, forcing
> > > my admin routes to go over SSL. Am I even close?!
> >
> > Maybe you should consider forcing SSL connection at the login point as
> > well (no need if you already aliased login operation with admin
> > route).
> >
> > Regards,
> > Piotr
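
The decision a forceSSL-style callback makes, written as plain PHP so it runs outside CakePHP. This is an added example, not code from the post or the cookbook, and it goes beyond the snippet above by refusing non-GET requests and building the URL from a configured host. decideSslAction() and www.example.com are hypothetical, and the sample requests are constructed.

```php
<?php
// Added example, not cookbook code. decideSslAction() and the host name are
// hypothetical; the requests at the bottom are constructed samples.

// Returns array('pass'), array('reject') or array('redirect', $url).
function decideSslAction(array $server, $path, $canonicalHost)
{
    // PHP sets HTTPS to a non-empty value on TLS requests (IIS/ISAPI uses
    // "off" for plain HTTP), so treat empty and "off" as not secure.
    $https = isset($server['HTTPS']) ? strtolower($server['HTTPS']) : '';
    if ($https !== '' && $https !== 'off') {
        return array('pass');
    }

    // A POST that arrived over plain HTTP has already exposed its body, and
    // browsers typically re-issue a redirected POST as GET: refuse it.
    $method = isset($server['REQUEST_METHOD'])
        ? strtoupper($server['REQUEST_METHOD']) : 'GET';
    if ($method !== 'GET' && $method !== 'HEAD') {
        return array('reject');
    }

    // Keep the target on this site: exactly one leading slash, no
    // backslashes, no control characters (header splitting).
    $offSite = $path === '' || $path[0] !== '/' || substr($path, 0, 2) === '//'
        || strpos($path, '\\') !== false
        || preg_match('/[\x00-\x1f\x7f]/', $path);
    if ($offSite) {
        $path = '/';
    }

    // Build the URL from a configured host name, not from a request header.
    return array('redirect', 'https://' . $canonicalHost . $path);
}

// Constructed sample requests: ($_SERVER-like array, requested path).
$samples = array(
    array(array('REQUEST_METHOD' => 'GET'), '/admin/users'),
    array(array('REQUEST_METHOD' => 'GET', 'HTTPS' => 'on'), '/admin/users'),
    array(array('REQUEST_METHOD' => 'POST'), '/admin/users/login'),
    array(array('REQUEST_METHOD' => 'GET'), '//other.example/admin'),
);
foreach ($samples as $s) {
    echo implode(' ', decideSslAction($s[0], $s[1], 'www.example.com')), "\n";
}
```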