> Trying to access an unauthorized area of the app should not log them out by > default and kick them to a log in page.
There's absolutely no need to log them out first. Redirecting to index page is weird, the user never asked for it. But they did ask for the resource they had no right to access, so presenting them with a login screen gets them closer to what they really wanted. Does it make any sense now? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php