@Rihad If a user that is not logged in is directed to your app somehow (a link from somewhere, or types in a URL manually), then you would expect them to be redirected to the login page with a notice that they must be logged in in order to access that resource.
If a user is logged in and attempts to access a resource for which they do not have permissions, then they should probably be redirected back to the last page visited, with a notice that they do not have access to the requested resource. Sending them to a login page would imply that the same person has multiple credentials that he or she would use to access different resources on your site. The best solution, I would think, is not offer resources (links) in the view if the currently logged in user does not have sufficient permissions to access them. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
