Hi there, I had very similar problems to this...

If you split "visiting" urls into 6 separate cases:

1) not logged in visiting a url by clicking on a link
2) not logged in visiting a url by directly inputting it in browser
3) logged in visiting a url by clicking on a link - access allowed
4) logged in visiting a url by directly inputting it in a browser - access allowed
5) logged in visiting a url by clicking on a link - but insufficient Acl permissions for page
6) logged in visiting a url by directly inputting it in a browser - insufficient Acl permissions for page

You get varied behaviours.

This all arises due to the tightly interwoven dependency between
Auth / Acl, but not having sufficient distinct redirect variables
configured to deal with the 2 separate cases of insufficient
privilages (excuse the spelling) vs not authenticated.

I had a long (heated) chat in IRC with someone regarding this and have
also submitted this as a bug (i.e. what happens in some of these cases
is not documented / inconsistent) and in the end, even though it is
(in my eyes) a VITAL part of the framework to make sure it is
addressed, I, and many others, have been brushed off (requests /
queries of this nature do crop up frequently).

I did figure out a solution, and in doing so decided to try and neaten
up my code / refactor it into a separate Acl component but in doing
more research, decided that the Acl mechanism was just too cumbersome
for what I need at the moment anyway. I checked out authsome, and that
works fine for me (although there was some of the plugin code in that
that needed to be updated to make it work with Routes and plugins).

I might get round to digging out my fixes if you're interested, but
they were a bit unsightly and involved (if memory serves me) code
placed in beforeFilter, some more AppController variables being set
and also an override of the referer and the acl check function to be
implemented, so it wasn't a nice fix.

I'd much rather it got recognised as a proper "core" issue to be coded
by a main dev team member.



On Nov 17, 5:02 am, Amit Badkas <amit.sanis...@gmail.com> wrote:
> Hi,
>
> Auth component uses 'loginRedirect' (by default, /users/login or
> /admin/users/login) class property for redirecting non-logged in users to
> login page if you are on restricted page.
>
> Amit Badkas
>
> PHP Applications for E-Biz: http://www.sanisoft.com
>
> On Wed, Nov 17, 2010 at 12:56 AM, danielnolan <danielano...@gmail.com> wrote:
>
> > I am not sure that is one hundred percent accurate, if I am logged in
> > as an admin and I type a restricted URL in the address bar of the
> > browser I get redirected to the main site home page. If I am not
> > logged in and I type the same restricted URL in the address bar of the
> > browser I get redirected to the admin/login page and I get a flash
> > message saying that I am not authorized to access that location.
>
> > So how does the app know to redirect me to the admin/login page when
> > not logged in, but when logged in I get redirected to the main site
> > home page?
>
> > On Nov 16, 12:08 am, Amit Badkas <amit.sanis...@gmail.com> wrote:
> > > Hi,
>
> > > The redirection after ACL fails depends on HTTP_REFERER environment
> > > variable. If you access the restricted URL directly then referrer doesn't
> > > get set, that's why '/' (by default, home page) is being used.
>
> > > Amit Badkas
>
> > > PHP Applications for E-Biz: http://www.sanisoft.com
>
> > > On Mon, Nov 15, 2010 at 10:06 PM, danielnolan <danielano...@gmail.com> wrote:
>
> > > > I have an application set up with admin prefix route, Auth, and ACL.
> > > > Everything seems to be working as expected, except when I am logged in
> > > > as an admin user and I try to access an ACL restricted action by typing
> > > > the url in the address bar of the browser. I get redirected to the
> > > > home page of the site (view/pages/home.ctp) instead of the admin
> > > > dashboard (users/admin_dashboard) I have created.
>
> > > > If I click on a link to the exact same action in the admin dashboard
> > > > that is restricted, I get redirected to the admin dashboard as
> > > > expected with an auth error message telling me I am not authorized to
> > > > access that location.
>
> > > > What am I missing?
>
> > > > Check out the new CakePHP Questions site http://cakeqs.org and help others
> > > > with their CakePHP related questions.
>
> > > > You received this message because you are subscribed to the Google Groups
> > > > "CakePHP" group.
> > > > To post to this group, send email to cake-php@googlegroups.com
> > > > To unsubscribe from this group, send email to
> > > > cake-php+unsubscr...@googlegroups.com
> > > > For more options, visit this group at
> > > > http://groups.google.com/group/cake-php?hl=en
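
The six cases from this thread, as an added example that is not part of the original messages and is not CakePHP code: a plain-PHP model of the referer-dependent redirect described above, next to a variant with one fixed target per failure type. The function names, the host `example.test` and the `/admin/users/dashboard` path are assumptions made for illustration.

```php
<?php
// Added example in plain PHP; it is not CakePHP code. The function names,
// the host and the dashboard path are hypothetical.

// Path of $referer when it points at $host, otherwise null. Honouring only
// same-host referers is an assumption of this example.
function localReferer(?string $referer, string $host): ?string
{
    $parts = ($referer === null || $referer === '') ? false : parse_url($referer);
    if ($parts === false || strcasecmp($parts['host'] ?? '', $host) !== 0) {
        return null;
    }
    return $parts['path'] ?? '/';
}

// Behaviour reported in the thread: an ACL denial goes back to the referer,
// and to '/' when the URL was typed and no referer exists.
function refererBasedRedirect(bool $loggedIn, bool $allowed, ?string $referer, string $host): ?string
{
    if (!$loggedIn) return '/admin/users/login';
    if ($allowed) return null;                  // page is served, no redirect
    return localReferer($referer, $host) ?? '/';
}

// One fixed target per failure type, independent of the referer.
function explicitRedirect(bool $loggedIn, bool $allowed): ?string
{
    if (!$loggedIn) return '/admin/users/login';      // not authenticated
    if ($allowed) return null;
    return '/admin/users/dashboard';                  // authenticated, ACL denied
}

// Constructed inputs: the six cases, as [label, logged in, allowed, referer].
$host = 'example.test';
$link = 'http://example.test/admin/users/dashboard';
$cases = [
    ['1 anon, link',            false, false, $link],
    ['2 anon, typed',           false, false, null],
    ['3 user, link, allowed',   true,  true,  $link],
    ['4 user, typed, allowed',  true,  true,  null],
    ['5 user, link, denied',    true,  false, $link],
    ['6 user, typed, denied',   true,  false, null],
];
foreach ($cases as [$label, $in, $ok, $ref]) {
    printf("%-24s referer-based: %-24s explicit: %s\n", $label,
        refererBasedRedirect($in, $ok, $ref, $host) ?? '(none)',
        explicitRedirect($in, $ok) ?? '(none)');
}
```

Only cases 5 and 6 differ between the two columns, which is the link-versus-typed inconsistency the thread describes.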