Re: ACL + Auth = Headache
I did the same thing at first. On Wed, Dec 7, 2011 at 10:33 AM, Geoff Douglas wrote: > When I was a newb, totally did the same thing. :) We live and we learn. > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group at > http://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: ACL + Auth = Headache
When I was a newb, totally did the same thing. :) We live and we learn. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: ACL + Auth = Headache
Doh! Man I cant believe I missed that. Thank you Geoff. This totally worked. public $components = array( 'Acl', 'Session', 'Auth' => array( 'loginRedirect' => array('controller' => 'main', 'action' => 'index'), 'actionPath' => 'controllers/', 'allow' => array('login') ) ); On Dec 7, 3:52 am, Geoff Douglas wrote: > I think what you are missing is an "allow" for the login method. > Technically the login method needs to be publicly accessible. So, the > line you have commented out that says: > //$this->Auth->allow(array('*')); > > needs to say > $this->Auth->allow(array('login')); > > This will allow an un-authenticated user to post to that method and > login. > > Try something like that. Let me know what you see. > > On Dec 6, 8:21 am, RhythmicDevil wrote: > > > > > > > > > I followed the instructions > > here:http://book.cakephp.org/view/1543/Simple-Acl-controlled-Application > > to learn how to setup ACL and Auth. My two test attempts went smoothly > > and worked as expected. However, now that I am trying it for real its > > failing. I get stuck in this redirect loop and I dont understand why. > > No matter what valid URL I enter, I get a redirect loop. > > > This is the beforeFilter in my AppController: > > > function beforeFilter() > > { > > parent::beforeFilter(); > > > //$this->Auth->allow(array('*')); > > > //Configure AuthComponent > > $this->Auth->authorize = 'actions'; > > /* > > * If the user did not select a controller/action before > > logging in, then > > * this controller/action willbe executed. > > */ > > $this->Auth->loginAction = array('controller' => 'users', > > 'action' => 'login'); > > /* > > * Send the user here after logging out > > */ > > $this->Auth->logoutRedirect = array('controller' => 'users', > > 'action' => 'login'); > > /* > > * Send the user here after logging in. > > */ > > $this->Auth->loginRedirect = array('controller' => 'main', > > 'action' => 'index'); > > } > > > Here are the login() and logout() methods for my users_controller > > > function login() > > { > > if ($this->Session->read('Auth.User')) > > { > > > $this->Session->setFlash('You are logged in!'); > > $this->redirect($this->Auth->loginRedirect, null, false); > > } > > } > > > function logout() > > { > > > exit('WTF'); > > > $this->Session->setFlash('Good-Bye'); > > $this->redirect($this->Auth->logout()); > > } > > > I expect if I enter:http://swright-dev.epic-cake/users/logoutIwould > > see "WTF" on the screen. I get redirected. > > > This is what I see repeated in my Apache access_log: > > 172.27.3.23 - - [06/Dec/2011:11:12:58 -0500] "GET / HTTP/1.1" 302 1 > > "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 > > Firefox/5.0" > > > Nothing is generated in the Apache error_log, or Cake's error and > > debug logs. > > > The only way the redirect loop stops is if I uncomment this line in > > the beforeFilter: > > //$this->Auth->allow(array('*')); > > But then no Auth works obviously. Can someone please point me in the > > right direction? > > > Thanks. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: ACL + Auth = Headache
I believe you problem is that the login method is not publicly available. change the commented out line: //$this->Auth->allow(array('*')); to: $this->Auth->allow(array('login')); This can be in the AppContoller or the UserController. If you put an Auth allow in the AppController it will apply to "login" methods in all your controllers, just an FYI. Anyways, that should stop the redirect. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: ACL + Auth = Headache
I think what you are missing is an "allow" for the login method. Technically the login method needs to be publicly accessible. So, the line you have commented out that says: //$this->Auth->allow(array('*')); needs to say $this->Auth->allow(array('login')); This will allow an un-authenticated user to post to that method and login. Try something like that. Let me know what you see. On Dec 6, 8:21 am, RhythmicDevil wrote: > I followed the instructions > here:http://book.cakephp.org/view/1543/Simple-Acl-controlled-Application > to learn how to setup ACL and Auth. My two test attempts went smoothly > and worked as expected. However, now that I am trying it for real its > failing. I get stuck in this redirect loop and I dont understand why. > No matter what valid URL I enter, I get a redirect loop. > > This is the beforeFilter in my AppController: > > function beforeFilter() > { > parent::beforeFilter(); > > //$this->Auth->allow(array('*')); > > //Configure AuthComponent > $this->Auth->authorize = 'actions'; > /* > * If the user did not select a controller/action before > logging in, then > * this controller/action willbe executed. > */ > $this->Auth->loginAction = array('controller' => 'users', > 'action' => 'login'); > /* > * Send the user here after logging out > */ > $this->Auth->logoutRedirect = array('controller' => 'users', > 'action' => 'login'); > /* > * Send the user here after logging in. > */ > $this->Auth->loginRedirect = array('controller' => 'main', > 'action' => 'index'); > } > > Here are the login() and logout() methods for my users_controller > > function login() > { > if ($this->Session->read('Auth.User')) > { > > $this->Session->setFlash('You are logged in!'); > $this->redirect($this->Auth->loginRedirect, null, false); > } > } > > function logout() > { > > exit('WTF'); > > $this->Session->setFlash('Good-Bye'); > $this->redirect($this->Auth->logout()); > } > > I expect if I enter:http://swright-dev.epic-cake/users/logoutI would > see "WTF" on the screen. I get redirected. > > This is what I see repeated in my Apache access_log: > 172.27.3.23 - - [06/Dec/2011:11:12:58 -0500] "GET / HTTP/1.1" 302 1 > "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 > Firefox/5.0" > > Nothing is generated in the Apache error_log, or Cake's error and > debug logs. > > The only way the redirect loop stops is if I uncomment this line in > the beforeFilter: > //$this->Auth->allow(array('*')); > But then no Auth works obviously. Can someone please point me in the > right direction? > > Thanks. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: ACL + Auth = Headache
Yes, it works because you have disabled the ACL :) -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: ACL + Auth = Headache
Ok so it seems that this might be the culprit: $this->Auth->authorize = 'actions'; If I comment out that line I dont get the redirect loop. On Dec 6, 11:21 am, RhythmicDevil wrote: > I followed the instructions > here:http://book.cakephp.org/view/1543/Simple-Acl-controlled-Application > to learn how to setup ACL and Auth. My two test attempts went smoothly > and worked as expected. However, now that I am trying it for real its > failing. I get stuck in this redirect loop and I dont understand why. > No matter what valid URL I enter, I get a redirect loop. > > This is the beforeFilter in my AppController: > > function beforeFilter() > { > parent::beforeFilter(); > > //$this->Auth->allow(array('*')); > > //Configure AuthComponent > $this->Auth->authorize = 'actions'; > /* > * If the user did not select a controller/action before > logging in, then > * this controller/action willbe executed. > */ > $this->Auth->loginAction = array('controller' => 'users', > 'action' => 'login'); > /* > * Send the user here after logging out > */ > $this->Auth->logoutRedirect = array('controller' => 'users', > 'action' => 'login'); > /* > * Send the user here after logging in. > */ > $this->Auth->loginRedirect = array('controller' => 'main', > 'action' => 'index'); > } > > Here are the login() and logout() methods for my users_controller > > function login() > { > if ($this->Session->read('Auth.User')) > { > > $this->Session->setFlash('You are logged in!'); > $this->redirect($this->Auth->loginRedirect, null, false); > } > } > > function logout() > { > > exit('WTF'); > > $this->Session->setFlash('Good-Bye'); > $this->redirect($this->Auth->logout()); > } > > I expect if I enter:http://swright-dev.epic-cake/users/logoutI would > see "WTF" on the screen. I get redirected. > > This is what I see repeated in my Apache access_log: > 172.27.3.23 - - [06/Dec/2011:11:12:58 -0500] "GET / HTTP/1.1" 302 1 > "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 > Firefox/5.0" > > Nothing is generated in the Apache error_log, or Cake's error and > debug logs. > > The only way the redirect loop stops is if I uncomment this line in > the beforeFilter: > //$this->Auth->allow(array('*')); > But then no Auth works obviously. Can someone please point me in the > right direction? > > Thanks. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
ACL + Auth = Headache
I followed the instructions here: http://book.cakephp.org/view/1543/Simple-Acl-controlled-Application to learn how to setup ACL and Auth. My two test attempts went smoothly and worked as expected. However, now that I am trying it for real its failing. I get stuck in this redirect loop and I dont understand why. No matter what valid URL I enter, I get a redirect loop. This is the beforeFilter in my AppController: function beforeFilter() { parent::beforeFilter(); //$this->Auth->allow(array('*')); //Configure AuthComponent $this->Auth->authorize = 'actions'; /* * If the user did not select a controller/action before logging in, then * this controller/action willbe executed. */ $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); /* * Send the user here after logging out */ $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login'); /* * Send the user here after logging in. */ $this->Auth->loginRedirect = array('controller' => 'main', 'action' => 'index'); } Here are the login() and logout() methods for my users_controller function login() { if ($this->Session->read('Auth.User')) { $this->Session->setFlash('You are logged in!'); $this->redirect($this->Auth->loginRedirect, null, false); } } function logout() { exit('WTF'); $this->Session->setFlash('Good-Bye'); $this->redirect($this->Auth->logout()); } I expect if I enter: http://swright-dev.epic-cake/users/logout I would see "WTF" on the screen. I get redirected. This is what I see repeated in my Apache access_log: 172.27.3.23 - - [06/Dec/2011:11:12:58 -0500] "GET / HTTP/1.1" 302 1 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0" Nothing is generated in the Apache error_log, or Cake's error and debug logs. The only way the redirect loop stops is if I uncomment this line in the beforeFilter: //$this->Auth->allow(array('*')); But then no Auth works obviously. Can someone please point me in the right direction? Thanks. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php