Re: SSL Help
Hello cakephp people from 18 months ago, I was working on this today and fixed it. nginx needs to be told send the SCRIPT_URI param to PHP. put this in your facstcgi_params file # added so that cakephp redirects https properly # no scheme info was available in the environment/$_SERVER # so, we define it here - see basics.php fastcgi_param SCRIPT_URI $scheme://$host$request_uri; HTH, sophistry On Saturday, March 12, 2011 4:33:43 PM UTC-5, Krissy Masters wrote: > > Ok sorry for all the SSL questions. > > I am not sure if its because I am on nginx. but all tips / guides / > cookbook > show > > function forceSSL() { > $this->redirect('https://' . env('SERVER_NAME') . $this->here); > } > > All that did was loop me never ending error. > > So after debugging server variables I ended up with : > > function forceSSL() { > if($_SERVER['SERVER_PORT'] != "443") { > this->redirect('https://www.' . $_SERVER['SERVER_NAME'] . > $this->here); > } else { > return; > } > } > > I could never get a value from $_SERVER['HTTPS'] if I was on a https or > http > page. > > Is there anything wrong going this route? What should print > $_SERVER['HTTPS']; return if anything on http || https pages? > "Set to a non-empty value if the script was queried through the HTTPS > protocol." Says php.net but I never got a value on either secure or not. > > Thanks again all, > > K > > -- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en-US.
RE: SSL Help
Ok sorry for all the SSL questions. I am not sure if its because I am on nginx. but all tips / guides / cookbook show function forceSSL() { $this->redirect('https://' . env('SERVER_NAME') . $this->here); } All that did was loop me never ending error. So after debugging server variables I ended up with : function forceSSL() { if($_SERVER['SERVER_PORT'] != "443") { this->redirect('https://www.' . $_SERVER['SERVER_NAME'] . $this->here); } else { return; } } I could never get a value from $_SERVER['HTTPS'] if I was on a https or http page. Is there anything wrong going this route? What should print $_SERVER['HTTPS'] ; return if anything on http || https pages? "Set to a non-empty value if the script was queried through the HTTPS protocol." Says php.net but I never got a value on either secure or not. Thanks again all, K -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: SSL Help
in order to support SSL do i have to change anything on my program? I thought we only need to deal on system level. Install and change apache config On Fri, Mar 11, 2011 at 9:57 PM, Krissy Masters wrote: > Thanks everyone. > > @Jeremy Will give this a shot. Found a SSL component I guess pre-your > modifications. > > Keep you posted. > > K > > > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group > at http://groups.google.com/group/cake-php > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
RE: SSL Help
Thanks everyone. @Jeremy Will give this a shot. Found a SSL component I guess pre-your modifications. Keep you posted. K -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: SSL Help
This can help, but I have found it a bit unreliable: core.php: Configure::write('Session.cookie_secure', false); Jeremy Burns Class Outfit jeremybu...@classoutfit.com http://www.classoutfit.com On 12 Mar 2011, at 05:40, Dr. Tarique Sani wrote: > Just from top of the head here. Redirection from https to http mean you will > loose your session and in turn your authentication. > > Most likely you are trying to redirect your user to an action which requires > authentication but is not on https, thus that action redirects the user back > to login on https your which finds your as being already authenticated and > redirects to > > got it :-) > > Cheers > Tarique > > > On Sat, Mar 12, 2011 at 11:03 AM, Krissy Masters > wrote: > I am only starting in on SSL and getting nowhere. > > Attempting to secure 2 actions to start (will secure entire backend IF I can > get these running first) > > Users Controller: > > public function beforeFilter() { >parent::beforeFilter(); >$this->Auth->allowedActions = array( 'login', 'logout', 'register'); >$this->Auth->fields = array( 'username' => 'email', 'password' => > 'security' ); >$this->Security->blackHoleCallback = 'forceSSL'; >$this->Security->requireSecure( 'login', 'register'); >//$this->Security->requireSecure( array('login', 'register')); >$this->Auth->autoRedirect = false; > } > > App Controller: > > Has Security in $component array > > function forceSSL() { >$this->redirect('https://' . $_SERVER['SERVER_NAME'] . > $this->here); >} > > All I get is infinite never ending loop browser message. > > Can anyone help as this is just the basics as the cookbook points out and > still im getting nowhere. > > Thanks, > > K > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group at > http://groups.google.com/group/cake-php > > > > -- > = > PHP for E-Biz: http://sanisoft.com > = > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group at > http://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: SSL Help
You're getting infinite redirects because there is no condition in your forceSSL function- have it check for https first, otherwise it will just keep redirecting: function forceSSL( if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ) { return; } else { $this->redirect('https://' . $_SERVER['SERVER_NAME'] . $this->here); } ) -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: SSL Help
I achieved this using a component called SSL - I can't remember where I got it from, but I am sure a search will turn it up. I had to alter it a bit as the server I used it on had all sorts of edge servers and so on, but here's my final implementation. The cool thing is that you have a single array in app_controller that determines which controllers and actions are SSLed. Hope it helps... app_controller.php: var $components = array( 'Security', ... 'Secured.Ssl' => array( 'secured' => array( 'orders' => '*', 'order_notes' => '*', 'order_items' => '*', 'users' => '*', 'questionnaires' => '*', 'customers' => '*' ) ) ... } ssl.php (in components) controller = $controller; $this->_set($settings); if ( $_SERVER['SERVER_ADDR'] == '192.0.192.1' || env('HTTPS') == 1 ) { $this->https = true; } if ($this->autoRedirect === true) { $secured = $this->ssled($this->controller->params); if ($secured && !$this->https) { $this->forceSSL(); } elseif (!$secured && $this->https) { $this->forceNoSSL(); } } } public function ssled($params) { if (!array_key_exists($params['controller'], $this->secured)) { return false; } $actions = (array) $this->secured[$params['controller']]; if ($actions === array('*')) { return true; } return (in_array($params['action'], $actions)); } public function forceSSL() { $server = env('SERVER_NAME'); $this->controller->redirect("https://$server{$this->controller->here}"); } public function forceNoSSL() { $server = env('SERVER_NAME'); $this->controller->redirect("http://$server{$this->controller->here}"); } } ?> Jeremy Burns Class Outfit jeremybu...@classoutfit.com http://www.classoutfit.com On 12 Mar 2011, at 05:33, Krissy Masters wrote: > I am only starting in on SSL and getting nowhere. > > Attempting to secure 2 actions to start (will secure entire backend IF I can > get these running first) > > Users Controller: > > public function beforeFilter() { > parent::beforeFilter(); > $this->Auth->allowedActions = array( 'login', 'logout', 'register'); > $this->Auth->fields = array( 'username' => 'email', 'password' => > 'security' ); > $this->Security->blackHoleCallback = 'forceSSL'; > $this->Security->requireSecure( 'login', 'register'); > //$this->Security->requireSecure( array('login', 'register')); > $this->Auth->autoRedirect = false; > } > > App Controller: > > Has Security in $component array > > function forceSSL() { > $this->redirect('https://' . $_SERVER['SERVER_NAME'] . > $this->here); > } > > All I get is infinite never ending loop browser message. > > Can anyone help as this is just the basics as the cookbook points out and > still im getting nowhere. > > Thanks, > > K > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group at > http://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: SSL Help
Just from top of the head here. Redirection from https to http mean you will loose your session and in turn your authentication. Most likely you are trying to redirect your user to an action which requires authentication but is not on https, thus that action redirects the user back to login on https your which finds your as being already authenticated and redirects to got it :-) Cheers Tarique On Sat, Mar 12, 2011 at 11:03 AM, Krissy Masters wrote: > I am only starting in on SSL and getting nowhere. > > Attempting to secure 2 actions to start (will secure entire backend IF I > can > get these running first) > > Users Controller: > > public function beforeFilter() { >parent::beforeFilter(); >$this->Auth->allowedActions = array( 'login', 'logout', 'register'); >$this->Auth->fields = array( 'username' => 'email', 'password' => > 'security' ); >$this->Security->blackHoleCallback = 'forceSSL'; >$this->Security->requireSecure( 'login', 'register'); >//$this->Security->requireSecure( array('login', 'register')); >$this->Auth->autoRedirect = false; > } > > App Controller: > > Has Security in $component array > > function forceSSL() { >$this->redirect('https://' . $_SERVER['SERVER_NAME'] . > $this->here); >} > > All I get is infinite never ending loop browser message. > > Can anyone help as this is just the basics as the cookbook points out and > still im getting nowhere. > > Thanks, > > K > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group > at http://groups.google.com/group/cake-php > -- = PHP for E-Biz: http://sanisoft.com = -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
RE: SSL help
Yep Plesk. I did see that option and did set it to use same directory and problem solved! Thanks. Dave From: LightDot [mailto:light...@gmail.com] Sent: December-18-10 9:10 AM To: cake-php@googlegroups.com Subject: Re: SSL help Sounds like a server with a Plesk control panel? There is an option to serve both standard and SSL pages from the same directory. If you can't set that, you'll have to duplicate your code in both httpdocs and httpsdocs folders. Now, that perhaps might have some consequences in regards to cache & sessions? Don't know... Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: SSL help
Sounds like a server with a Plesk control panel? There is an option to serve both standard and SSL pages from the same directory. If you can't set that, you'll have to duplicate your code in both httpdocs and httpsdocs folders. Now, that perhaps might have some consequences in regards to cache & sessions? Don't know... Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: SSL help
On Dec 17, 2010, at 14:58, Dave Maharaj wrote: > This is my first crack at SSL on a Cake site so first question after my > attempt is. > > Server has httpdocs and httpsdocs. The site is in httpdocs/app so how does > this work? I get blank page when I go to https/site/login so my first guess > is because its looking for files in httpsdocs which there are none. > > Any tips / online steps to point me in the right direction would be great. Sounds like a web server configuration question, not a CakePHP question. Consult your web server documentation to figure out how to change it so the https site and the http site are served from the same document root. Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en