I don't think you can. If the user browses away from the site the server won't know so can't do anything. Why is this a problem? If the user comes back while the session is still valid he'll just be logged back in automatically. If its a secure system (say banking) and there's a large 'log out' button and the user doesn't press it, he deserves to have his account plundered.
Have you looked at stateless authentication? Jeremy Burns Class Outfit http://www.classoutfit.com On 27 Oct 2011, at 06:11, Anand Ramamurthy wrote: > After much debugging I realized that my 'Session.timeout' was set to 0 > hence my session data was being dropped for every request. once I set > it to a 3600, the sessions remained and authorizations were succesful > But now this leads to another quandary. If I set the timeout to a > value and the user closes the browser without logging out, I would > like his/ her session to end and not remain because it hasnt reached > its timeout. How can I accomplish this ? Any ideas? > > Thanks, > > Anand > > On Oct 26, 9:27 pm, Jeremy Burns | Class Outfit > <[email protected]> wrote: >> Do you have any auth code in the users controller? Have you pit a debug >> statement inside isAuthorized just before returning true to check that it is >> actually passing? >> >> Jeremy Burns >> Class Outfit >> >> http://www.classoutfit.com >> >> On 26 Oct 2011, at 22:15, Anand Ramamurthy wrote: >> >> >> >> >> >> >> >>> Hello, >> >>> I am a CakePHP newbie. I am implementing login features using >>> Authentication Component (User model). It works good. However I am >>> facing problem in Authorization and Statefulness features. Once I am >>> logged in I am unable to browse to other pages as user seems to be not >>> logged in. >> >>> This is my component variable in AppController: >> >>> public $components = array( >>> 'Session', >>> 'Auth' => array( >>> 'loginAction' => array('controller' => 'users', 'action' >>> => 'login'), >>> 'loginRedirect' => array('controller' => 'users', 'action' >>> => 'index'), >>> 'logoutRedirect' => array('controller' => 'home', 'action' >>> => 'index'), >>> 'authError' => 'Did you really think you are allowed to >>> see that?', >>> 'authenticate' => array( >>> 'Form' => array('fields' => array('username' => >>> 'email', 'password' => 'password')), >>> 'Basic' => array('userModel' => 'Users.User', 'fields' >>> => array('username' => 'email', 'password' => 'password')) >>> ), >>> 'authorize' => array('Controller') >>> ) >>> ); >> >>> //AppController beforeFilter >>> function beforeFilter() { >> >>> $this->Auth->autoRedirect = false; >>> $this->Auth->userModel = 'User'; >>> $this->Auth->allow('index', 'view'); >>> } >> >>> //AppController isAuthorized >>> public function isAuthorized($user) { >> >>> if (isset($user['role']) && $user['role'] == 'admin') { >>> return true; //Admin can access every action >>> } >>> return false; // The rest don't >>> } >> >>> The user I log in has the role of "admin" set in DB. The user is able >>> to login properly get redirected to index and then I try to use the >>> edit feature in the UsersController for which he should be authorized >>> but apparently instead I get redirected to login page again with the >>> message "You are not authorized!" >> >>> I would be grateful if somebody could chime in and help or provide >>> pointers as to what I could be doing wrong? >> >>> Thanks in advance. >> >>> Anand >> >>> -- >>> Our newest site for the community: CakePHP Video >>> Tutorialshttp://tv.cakephp.org >>> Check out the new CakePHP Questions sitehttp://ask.cakephp.organd help >>> others with their CakePHP related questions. >> >>> To unsubscribe from this group, send email to >>> [email protected] For more options, visit this group >>> athttp://groups.google.com/group/cake-php > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > [email protected] For more options, visit this group at > http://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
