After much debugging I realized that my 'Session.timeout' was set to 0, hence my session data was being dropped for every request. Once I set it to 3600, the sessions remained and authorizations were successful.

But now this leads to another quandary. If I set the timeout to a value and the user closes the browser without logging out, I would like his/her session to end and not remain because it hasn't reached its timeout. How can I accomplish this? Any ideas?
Thanks,
Anand

On Oct 26, 9:27 pm, Jeremy Burns | Class Outfit wrote:
> Do you have any auth code in the users controller? Have you put a debug
> statement inside isAuthorized just before returning true to check that it is
> actually passing?
>
> Jeremy Burns
> Class Outfit
>
> http://www.classoutfit.com
>
> On 26 Oct 2011, at 22:15, Anand Ramamurthy wrote:
>
> > Hello,
> >
> > I am a CakePHP newbie. I am implementing login features using
> > Authentication Component (User model). It works good. However I am
> > facing problem in Authorization and Statefulness features. Once I am
> > logged in I am unable to browse to other pages as user seems to be not
> > logged in.
> >
> > This is my component variable in AppController:
> >
> > public $components = array(
> >     'Session',
> >     'Auth' => array(
> >         'loginAction' => array('controller' => 'users', 'action' => 'login'),
> >         'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
> >         'logoutRedirect' => array('controller' => 'home', 'action' => 'index'),
> >         'authError' => 'Did you really think you are allowed to see that?',
> >         'authenticate' => array(
> >             'Form' => array('fields' => array('username' => 'email', 'password' => 'password')),
> >             'Basic' => array('userModel' => 'Users.User', 'fields' => array('username' => 'email', 'password' => 'password'))
> >         ),
> >         'authorize' => array('Controller')
> >     )
> > );
> >
> > //AppController beforeFilter
> > function beforeFilter() {
> >     $this->Auth->autoRedirect = false;
> >     $this->Auth->userModel = 'User';
> >     $this->Auth->allow('index', 'view');
> > }
> >
> > //AppController isAuthorized
> > public function isAuthorized($user) {
> >     if (isset($user['role']) && $user['role'] == 'admin') {
> >         return true; //Admin can access every action
> >     }
> >     return false; // The rest don't
> > }
> >
> > The user I log in has the role of "admin" set in DB. The user is able
> > to login properly get redirected to index and then I try to use the
> > edit feature in the UsersController for which he should be authorized
> > but apparently instead I get redirected to login page again with the
> > message "You are not authorized!"
> >
> > I would be grateful if somebody could chime in and help or provide
> > pointers as to what I could be doing wrong?
> >
> > Thanks in advance.
> >
> > Anand
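
Added example, not from any poster in this thread and not CakePHP's own session handling: in plain PHP, the behaviour asked about at the top of the thread is usually approximated with a session cookie that has no expiry (lifetime 0, so the browser drops it on close) plus a server-side idle limit, because the server is never told that a browser was closed. The names `IDLE_LIMIT`, `last_seen`, `touchOrExpire` and `startBrowserSession` are assumptions made for this example.

```php
<?php
// Added example in plain PHP; IDLE_LIMIT and the 'last_seen' key are
// names chosen here, not CakePHP settings.
const IDLE_LIMIT = 1800; // seconds of inactivity tolerated server-side

/**
 * Refreshes the activity stamp and returns true while the session is live.
 * Once the gap since the last request exceeds the limit, the session data
 * (including any login state) is emptied and false is returned.
 */
function touchOrExpire(array &$session, int $now, int $idleLimit = IDLE_LIMIT): bool
{
    if (isset($session['last_seen']) && $now - $session['last_seen'] > $idleLimit) {
        $session = array();
        return false;
    }
    $session['last_seen'] = $now;
    return true;
}

/**
 * Starts a session whose cookie carries no expiry date, so the browser
 * discards it when it closes, then applies the server-side idle check.
 * $https should be true whenever the site is served over TLS.
 */
function startBrowserSession(bool $https): bool
{
    // arguments: lifetime, path, domain, secure, httponly
    session_set_cookie_params(0, '/', '', $https, true);
    session_start();
    if (!touchOrExpire($_SESSION, time())) {
        session_regenerate_id(true); // issue a new id, delete the stale record
        return false;                // caller should send the user to login
    }
    return true;
}

// Constructed demonstration of the idle check with fixed timestamps.
$s = array('user_id' => 7, 'last_seen' => 1000);
var_dump(touchOrExpire($s, 1000 + 600));  // 600 s since last request
var_dump(touchOrExpire($s, 1600 + 1801)); // 1801 s since last request
var_dump($s);                             // session contents after expiry
```

Browsers that restore tabs on restart may keep session cookies, so the server-side idle limit is what actually bounds how long an abandoned session stays usable.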
