Hi,
I wan't to secure my REST API with basic access authentication. My app
also contains normal open-public views and admin panel (also secured
with SecurityComponent and basic authentication).
I've put this peace of code to the controller:
public function beforeFilter() {
parent::beforeFilter();
if (!isset($this->params['admin']) && $this->RequestHandler-
>isXml()) {
$this->Security->loginOptions = array('type' => 'basic');
$this->Security->loginUsers = array('foo' => 'bar');
$this->Security->requireLogin();
$this->Security->validatePost = false;
}
}
And that works - it checks if there is no admin and is XML request.
But is this protection good enough? Is there any other way to
recognize that request is from REST API user?
Regards,
Marcin
Check out the new CakePHP Questions site http://cakeqs.org and help others with
their CakePHP related questions.
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
