Re: Implemented OthAuth

[Olivier Percebois-Garve]

Wow. I see that there is more and more othAuth users. I've two issues I'm not sure how to tackle. Just wanna to know if some peoples are sharing the same concerns (and if crazylegs thought about that for the new version) 1.Sometimes I hit the login page while its seems that I am already logged. if I fill in the right login, then I got back the message that credentials are wrong. But n fact after that  if I enter manually  the  url of a restricted method, I can access it. I'm not sure how to reproduce this but it happened often during testing of code in restricted method. maybe it is related to my use of requestAction. 2. I'd like to gather the name of all the controller having restricted methods, and the names of the restricted methods ($othAuthRestrictions) in my layout. Basically I'm doing : if restricted build adminMenu else build userMenu Any ideas on how to achieve this ? olivvv Langdon Stevenson wrote: Hi rombeh I have the following code in the controllers that I want to protect: (note: extra $helpers and $components have been removed to simplify) class LeadersController extends AppController { var $name = 'Leaders'; //for php4 var $helpers = array('othAuth'); var $components = array('othAuth'); var $othAuthRestrictions = array('index'); function beforeFilter() { $auth_conf = array('auto_redirect' => true, 'login_page' => 'leaders/login', 'logout_page' => 'leaders/logout', 'access_page' => '/leaders', 'hashkey' => 'mYpERsOnALhaSHkeY', 'strict_gid_check' => false); $this->othAuth->controller = &$this; $this->othAuth->init($auth_conf); $this->othAuth->check(); } function index () { // Action code ... } } That is all that is required to add to the controller to protect the index action, assuming that you have followed the othAuth setup instructions and have the required classes and DB tables in place. As mentioned in my previous post I also have a permission in the permission table like this: INSERT INTO `cake_permissions` VALUES (1,'leaders/index','2006-03-13 23:19:31','0000-00-00 00:00:00'); And a Groups-Permissions mapping that connects that permission to the desired user's group. As a side note, you have to check that your User has the right group ID assigned, and that their Active field is set to "1". Hope this is useful. Regards, Langdon rombeh wrote: hi Langdon Stevenson, Can u show me quick walkthrough (place some code too :D) in order to get it works thanks --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php -~----------~----~----~----~------~----~------~--~---