I am using the Auth component for user authentication, and I am building a force-logout feature in my application. If a user is logged in with a username and password on one machine and another user tries to log in with the same username and password from another machine, he/she will see a force logout option under the login form. If he/she clicks on it, the first user is logged out. I am doing this using a database table. This works great in Firefox but not in IE 7. In IE, when I click on force logout, Auth gives me an error: "You are not authorized to access that location." The Apache log shows a 302 for the request.
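I have changed following part of session in core.php but still it is not working .......

Configure::write('Security.level', 'low');
Configure::write('Session.checkAgent', false);

And following are unchanged sessions configuration from core.php

Configure::write('Session.save', 'php');
Configure::write('Session.cookie', 'CAKEPHP');
Configure::write('Session.timeout', '120');
Configure::write('Session.start', true);

---------------------------------------------------------------------------------------------------
[B]AppController[/B]
[CODE]
class AppController extends Controller {
    var $components = array('Auth', 'Cookie', 'RequestHandler');
    var $helpers = array('Html', 'Form', 'Javascript', 'Ajax','Time');

    // Runs before every action: configures Auth, tries a remember-me login
    // from the 'User' cookie, and enforces the one-session-per-user rule.
    function beforeFilter() {
        $this->Auth->loginRedirect = array('plugin' => null,'controller' => 'questions', 'action' => 'home');
        $this->Auth->logoutRedirect = array('plugin' => null,'controller'=> 'users', 'action' => 'login');
        // forceLogout is not in the allow list, so Auth requires a logged-in user for it.
        $this->Auth->allow('signup', 'confirm', 'home', 'show','questionlist');
        // NOTE(review): with authorize = 'controller' Auth consults the controller's
        // isAuthorized(); that method is not shown in the post. Confirm it returns
        // true for forceLogout, since a false result produces the authError message.
        $this->Auth->authorize = 'controller';
        $this->Auth->userScope = array('User.confirmed' => '1');
        $this->set('loggedIn', $this->Auth->user('id'));
        $this->Auth->autoRedirect = false;
        $this->Cookie->name = 'QuickWall';

        if(!$this->Auth->user('id')) {
            // No user in the session: fall back to the remember-me cookie.
            // Whatever the cookie holds is passed to Auth->login() as credentials.
            $cookie = $this->Cookie->read('User');
            if($cookie) {
                $this->Auth->login($cookie);
            }
        } else {
            // Logged-in user: log out unless a TrackSession row matches this user id
            // and this session id. Only the action named exactly 'forceLogout'
            // (case-sensitive comparison) and Ajax requests skip the check.
            // NOTE(review): after login() has shown the ForceLogout link this session
            // presumably has no TrackSession row yet (login() does not call
            // trackSession() in that branch), so any other non-Ajax request the
            // browser routes through the framework before the click takes this
            // branch and ends the session. Compare the access logs of both browsers
            // for such requests - TODO confirm.
            if(!ClassRegistry::init('TrackSession')->getMyAccess($this->Auth->user('id'),$this->Session->id()) && $this->params['action'] !='forceLogout' && !$this->RequestHandler->isAjax()) {
                $this->redirect($this->Auth->logout ());
            }
        }
    }
    // (the listing in the post stops here; the class's closing brace and any
    // further methods are not shown)
[/CODE]

UserController.php login action
[CODE]
// Login action. The body only runs once Auth has already authenticated the
// posted credentials (autoRedirect is off, so Auth does not redirect by itself).
function login() {
    if ($this->Auth->user()) {
        if (!empty($this->data)) {
            $this->User->set($this->data);
            if (empty($this->data['User']['remember_me'])) {
                $this->Cookie->del('User');
            } else {
                // SECURITY NOTE(review): the remember-me cookie carries the username
                // and the password field as it stands in $this->data (presumably
                // already hashed by Auth - confirm) for two weeks. The third
                // argument asks CookieComponent to encrypt the value, but the cookie
                // is still a replayable credential: beforeFilter() logs in whoever
                // presents it. A random, server-stored, revocable token is the
                // safer design.
                $cookie = array();
                $cookie['username'] = $this->data['User']['username'];
                $cookie['password'] = $this->data['User']['password'];
                $this->Cookie->write('User', $cookie, true, '+2 weeks');
            }
            unset($this->data['User']['remember_me']);
            // Kept in the session so forceLogout() can read it back later.
            $this->Session->write('username', $this->data['User']['username']);

            if(!ClassRegistry::init('TrackSession')->getMyStatus($this->Auth->user('id'))) {
                // No active session recorded for this user: record this one and continue.
                $this->User->logTrackSession($this->Auth->user('id'), $this->data['User']['username'], $this->Session->id(), $this->RequestHandler->getClientIP());
                $this->User->trackSession($this->Auth->user('id'), $this->Session->id(), $this->RequestHandler->getClientIP());
                $this->redirect($this->Auth->redirect());
            } else {
                // Another session is marked active: re-render the form with the
                // ForceLogout link. The user stays logged in to Auth at this point.
                $this->set('force_logout_error', 'ForceLogout');
                unset($this->data['User']['password']);
                //$this->redirect($this->Auth->login ());
            }
        }
    }
    $this->set('menuTab', 'login');
}
[/CODE]
---------------------------------------------------------------------------------------------------------------------
UserController.php forceLogout(action)
[CODE]
// Takes over the tracked session for the current user and redirects.
// SECURITY NOTE(review): the login view reaches this state-changing action through
// a plain link (a GET request) and nothing here checks the request method or a
// token. Consider requiring POST plus a CSRF token - TODO confirm no such
// protection exists elsewhere in the application.
function forceLogout() {
    $username = $this->Session->read('username');
    $this->User->logTrackSession($this->Auth->user('id'), $username, $this->Session->id(), $this->RequestHandler->getClientIP());
    $this->User->trackSession($this->Auth->user('id'), $this->Session->id(), $this->RequestHandler->getClientIP());
    $this->redirect($this->Auth->redirect());
}
[/CODE]
---------------------------------------------------------------------------------------------------------------------------------
view/user/login.ctp
[CODE]
<h2>Log In To Quickwall</h2>
<?php if ($session->check('Message.auth')): $session->flash('auth'); endif; ?>
<?php e($form->create('User', array('action' => 'login')));?>
<fieldset>
    <div class="input text">
        <label for="UserUsername" class="usernamelabel"><span> Your Name</span></label>
        <?php e($form->text('username', array('class' => 'fullwidth'))); ?>
    </div>
    <div class="input text">
        <label for="UserPassword" class="emaillabel"><span>Password </span></label>
        <?php e($form->password('password', array('class' => 'fullwidth'))); ?>
    </div>
    <div class="input text">
        <label for="UserRememberMe" class="passwordlabel"><span> Remember Me</span></label>
        <p><?php e($form->checkbox('remember_me', array('class' => 'bigcheck'))) ?></p>
    </div>
    <?php e($form->submit('Login In', array('div' => false, 'class' => 'submitbutton'))); ?>
</fieldset>
<?php
// Shown only when login() set force_logout_error; the link issues a GET to users/forceLogout.
if (isset($force_logout_error)) {
    echo "you have already logged in.";
    e($html->link('ForceLogout', array('plugin' => null,'controller' => 'users', 'action' => 'forceLogout')));
}
?>
<?php e($form->end()); ?>
[/CODE]
--------------------------------------------------------------------------------------------------------------------
/app/models/track_session.php
[CODE]
// Model over the TrackSession table, which records the session id tied to each user.
class TrackSession extends AppModel {
    public $useTable = 'TrackSession';
    public $validate = array(
        'UserID' => 'notEmpty',
        'LoginSessionID' => 'notEmpty'
    );

    // Returns all rows.
    // NOTE(review): the order clause names the alias LogTrackSession, not
    // TrackSession - confirm this is intended and not copied from another model.
    public function getList() {
        return $this->find('all', array('order' => 'LogTrackSession.Status ASC'));
    }

    // True when a row exists for this user id AND this session id.
    // Uses a count instead of loading the rows, as getMyStatus() does.
    public function getMyAccess($user_id, $session_id) {
        $matches = $this->find('count', array(
            'conditions' => array(
                'TrackSession.UserID' => $user_id,
                'TrackSession.LoginSessionID' => $session_id
            )
        ));
        return !empty($matches);
    }

    // True when the user has at least one row with Status = 1.
    public function getMyStatus($user_id) {
        $active = $this->find('count', array(
            'conditions' => array(
                'TrackSession.UserID' => $user_id,
                'TrackSession.Status' => 1
            )
        ));
        return !empty($active);
    }

    // Sets Status on every row of the given user (default 0).
    // NOTE(review): updateAll() treats field values as SQL expressions rather than
    // bound parameters, so $value must never come from request data unvalidated;
    // callers are not shown - confirm they pass integers only.
    public function setMyStatus($user_id, $value = 0) {
        $fields = array('TrackSession.Status' => $value);
        $conditions = array('TrackSession.UserID' => $user_id);
        $this->updateAll($fields, $conditions);
    }
}
[/CODE]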