I try to use the security component in cakePHP 1.3 and want to combine
the requirements to establish an SSL connection with a simple security
login.
First I want to redirect to a secure connection. Then transmitting the
password should be okay.
Both methods work fine as long as long as I don't combine them. I can
automatically redirect to SSL via _forceSSL() and I can force a basic
login with $this->Security->requireLogin();
Together, however, this creates an endless redirection error:
"The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for
this address in a way that will never complete."
The code:
class AppController extends Controller{
var $components = array('Security');
function beforeFilter(){
$this->Security->blackHoleCallback = '_forceSSL';
$this->Security->requireSecure();
$this->Security->loginOptions = array(
'type'=>'basic',
'realm'=>'myrealm'
);
$this->Security->loginUsers = array(
'username'=>'password',
);
$this->Security->requireLogin();
}
function _forceSSL(){
$this->redirect(HOME.$this->here);
}
}
I tried detecting whether the protocoll is already SSL in the
blackhole function and to skip the redirect if so, and I tried
redefining/resetting the blackhole function just before "$this-
>Security->requireLogin();", both to no avail. I must be missing
something obvious? Thanks for any hints.
PS: the HOME constant is defined in bootstrap.php, because I have to
specify different ports on dev. and production systems. It works as
long as I don't combine the two requirements.
Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
No comments:
Post a Comment