Re: SSL Help

This can help, but I have found it a bit unreliable:

core.php:

Configure::write('Session.cookie_secure', false);

Jeremy Burns

Class Outfit

jeremyburns@classoutfit.com

http://www.classoutfit.com

On 12 Mar 2011, at 05:40, Dr. Tarique Sani wrote:

Just from top of the head here. Redirection from https to http mean you will loose your session and in turn your authentication.

Most likely you are trying to redirect your user to an action which requires authentication but is not on https, thus that action redirects the user back to login on https your which finds your as being already authenticated and redirects to....

got it :-)

Cheers
Tarique

On Sat, Mar 12, 2011 at 11:03 AM, Krissy Masters <naked.cake.baker@gmail.com> wrote:

I am only starting in on SSL and getting nowhere.

Attempting to secure 2 actions to start (will secure entire backend IF I can
get these running first)

Users Controller:

public function beforeFilter() {
       parent::beforeFilter();
       $this->Auth->allowedActions = array( 'login', 'logout', 'register');
       $this->Auth->fields = array( 'username' => 'email', 'password' =>
'security' );
       $this->Security->blackHoleCallback = 'forceSSL';
       $this->Security->requireSecure( 'login', 'register');
       //$this->Security->requireSecure( array('login', 'register'));
       $this->Auth->autoRedirect = false;
}

App Controller:

Has Security in $component array

function forceSSL() {
               $this->redirect('https://' . $_SERVER['SERVER_NAME'] .
$this->here);
       }

All I get is infinite never ending loop browser message.

Can anyone help as this is just the basics as the cookbook points out and
still im getting nowhere.

Thanks,

K

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php

--
=============================================================
PHP for E-Biz: http://sanisoft.com
=============================================================

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
 
 
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php