If you are running your CakePHP app under Nginx, this might interest you. Cake relies on the php environment variable HTTPS (as in $_SERVER ['HTTPS']) for SSL to be considered by RequestHandler and SecurityComponent.
This is a problem for anyone running nginx. HTTPS is not mentioned as a parameter in any php/fastcgi example I have found. Even worse, the ssl module in nginx does not add any variable at all that can be used to set this dynamically. To let php know of the port used you would do "fastcgi_param SERVER_PORT $server_port" using the provided variable $server_port to set the desires environment variable. No $ssl variable exists and setting true or false based on the port is a bad idea. (I don't know why, that is just what I have read. Performance presumably.) If, like me, you make use of includes a lot there is another stumbling block. Simply adding in the paramater in the server block is not good enough you have to add it on the same structural level as "fastcgi_pass" and those things. So if you have a vhost file contaning just the barest of info and then you include a "cakephp.inc" which deals with all the php setups you need do some more work. I went with the cheesy quickfix of copying the cake include and calling it cakephp.ssl.inc... I won't change a lot in those two files so I guess I can remember to make any alterations in both. I hope. (did that make sense without a flowchart?) In short, you need this line among your fcgi params, but only for https requests! just adding it to the list of params will make php think it is always running under ssl. fastcgi_param HTTPS on; /Martin On Sep 22, 10:38 am, Martin Westin <martin.westin...@gmail.com> wrote: > I was doing a test to see how my app runs under ssl and found that > Auth redirects me out of ssl. All other links and redirects appear to > work which is why I ask for help. It is surely some detail I have > missed since it can't be a bug in Auth or Router. Does anyone know > what I might be doing wrong? > > Examples:https://example.com/-> > Location:http://example.com/loginhttps://example.com/login(post > form)->http://example.com/(logged > in) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
