Re: Starnge redirect from http to https on login

2013-11-22 Thread dtemes 
We have found the solution, after sending user credentials the login action 
was redirecting to users/index, that first redirect keeps the https 
protocol, but then in the index action we have some business logic to check 
the type of user and based on that redirecting to the index action of 
controller A or controller B. We have included the logic directly in the 
login action, without redirecting to /users/index, and then the https 
protocol is not lost.

To summarize:

before:

1. user posts login data
2. Redirect to /users/index
3. Based on user role redirect to controllerA/index or controllerB/index, 
here there was an extra redirect to /users/index that was using http and 
not https (???) We don't know where this second redirect to users/index 
comes from.

David

El jueves, 21 de noviembre de 2013 22:03:58 UTC+1, dtemes escribió:
>
>
> We have just installed a self signed ssl cert on the apache server and 
> doing some tests with our app running over https. The very first issue is 
> that after login we are being redirected to http, and not https, here are 
> some apache logs:
>
>  
> xxx.xxx.com:443192.168.1.3
>  - - [21/Nov/2013:12:45:24 -0800] "POST /users/login HTTP/1.1" 
> 302 596 
> "https://xxx.xxx.com/users/login"
>  
> "Moz
> illa/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"
> xxx.xxx.com:443192.168.1.3
>  - - [21/Nov/2013:12:45:24 -0800] "GET /users HTTP/1.1" 302 468 "
> https://xxx.xxx.com/users/login"
>  
> "Mozilla/5.
> 0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"
> xxx.xxx.com:80192.168.1.3
>  - - [21/Nov/2013:12:45:24 -0800] "GET /users HTTP/1.1" 302 368 
> "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) G
> ecko/20100101 Firefox/25.0"
>
>
> This is the auth config:
> $this->Auth->authorize = 'Controller';
> $this->Auth->authenticate = array('Form' => array('fields' => 
> array('username' => 'email', 'password' => 'password')));
> 
> $this->Auth->loginRedirect = array('controller' => 'users', 
> 'action' => 'index');
> $this->Auth->autoRedirect = false;
>
>
> We are currently running cake 2.4.0
>
>
>

-- 
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

--- 
You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cake-php+unsubscr...@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Starnge redirect from http to https on login

2013-11-22 Thread AD7six 
This log does not look to show a redirect changing protocols. it shows, 
what looks like, two parallel/subsequent requests to /users on https and 
http. the last request shown doesn't originate from the request before it 
and has no referer.

If relevant, check what is stored in the session in Auth.redirect; if the 
original request was for http - it's quite possible you're being redirected 
back to http since that's where you were before logging in.

AD

On Thursday, 21 November 2013 22:03:58 UTC+1, dtemes wrote:
>
>
> We have just installed a self signed ssl cert on the apache server and 
> doing some tests with our app running over https. The very first issue is 
> that after login we are being redirected to http, and not https, here are 
> some apache logs:
>
>  
> xxx.xxx.com:443192.168.1.3
>  - - [21/Nov/2013:12:45:24 -0800] "POST /users/login HTTP/1.1" 
> 302 596 
> "https://xxx.xxx.com/users/login"
>  
> "Moz
> illa/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"
> xxx.xxx.com:443192.168.1.3
>  - - [21/Nov/2013:12:45:24 -0800] "GET /users HTTP/1.1" 302 468 "
> https://xxx.xxx.com/users/login"
>  
> "Mozilla/5.
> 0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"
> xxx.xxx.com:80192.168.1.3
>  - - [21/Nov/2013:12:45:24 -0800] "GET /users HTTP/1.1" 302 368 
> "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) G
> ecko/20100101 Firefox/25.0"
>
>
> This is the auth config:
> $this->Auth->authorize = 'Controller';
> $this->Auth->authenticate = array('Form' => array('fields' => 
> array('username' => 'email', 'password' => 'password')));
> 
> $this->Auth->loginRedirect = array('controller' => 'users', 
> 'action' => 'index');
> $this->Auth->autoRedirect = false;
>
>
> We are currently running cake 2.4.0
>
>
>

-- 
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

--- 
You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cake-php+unsubscr...@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Starnge redirect from http to https on login

2013-11-21 Thread Andras Kende 
maybe add 

$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');

Andras Kende
http://www.kede.com


On Nov 21, 2013, at 1:03 PM, dtemes  wrote:

> 
> We have just installed a self signed ssl cert on the apache server and doing 
> some tests with our app running over https. The very first issue is that 
> after login we are being redirected to http, and not https, here are some 
> apache logs:
> 
>  xxx.xxx.com:443 192.168.1.3 - - [21/Nov/2013:12:45:24 -0800] "POST 
> /users/login HTTP/1.1" 302 596 "https://xxx.xxx.com/users/login"; "Moz
> illa/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"
> xxx.xxx.com:443 192.168.1.3 - - [21/Nov/2013:12:45:24 -0800] "GET /users 
> HTTP/1.1" 302 468 "https://xxx.xxx.com/users/login"; "Mozilla/5.
> 0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"
> xxx.xxx.com:80 192.168.1.3 - - [21/Nov/2013:12:45:24 -0800] "GET /users 
> HTTP/1.1" 302 368 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) G
> ecko/20100101 Firefox/25.0"
> 
> 
> This is the auth config:
> $this->Auth->authorize = 'Controller';
> $this->Auth->authenticate = array('Form' => array('fields' => 
> array('username' => 'email', 'password' => 'password')));
> 
> $this->Auth->loginRedirect = array('controller' => 'users', 'action' 
> => 'index');
> $this->Auth->autoRedirect = false;
> 
> 
> We are currently running cake 2.4.0
> 
> 
> 
> -- 
> Like Us on FaceBook https://www.facebook.com/CakePHP
> Find us on Twitter http://twitter.com/CakePHP
>  
> --- 
> You received this message because you are subscribed to the Google Groups 
> "CakePHP" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cake-php+unsubscr...@googlegroups.com.
> To post to this group, send email to cake-php@googlegroups.com.
> Visit this group at http://groups.google.com/group/cake-php.
> For more options, visit https://groups.google.com/groups/opt_out.

-- 
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

--- 
You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cake-php+unsubscr...@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/groups/opt_out.