Hi, I wan't to secure my REST API with basic access authentication. My app also contains normal open-public views and admin panel (also secured with SecurityComponent and basic authentication).
I've put this peace of code to the controller: public function beforeFilter() { parent::beforeFilter(); if (!isset($this->params['admin']) && $this->RequestHandler- >isXml()) { $this->Security->loginOptions = array('type' => 'basic'); $this->Security->loginUsers = array('foo' => 'bar'); $this->Security->requireLogin(); $this->Security->validatePost = false; } } And that works - it checks if there is no admin and is XML request. But is this protection good enough? Is there any other way to recognize that request is from REST API user? Regards, Marcin Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en