I have a feeling that you are mixing together two concepts. YOu can do the authorization with the standard authorization mechanisms, without isAuthorized(), controlling the access through the normal $this->Auth->Allow() and Deny() functions. You use this: http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#configuring-authorization-handlers
Alternatively, you can write your own isAuthorized() function that will do the checks instead of the standard controller/action based mechanism. THen you use this: http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#using-controllerauthorize But i do not think you should (or even can) mix the two... Maybe you can, but I am not sure how that will work... What do you think? On Friday, 6 July 2012 19:46:11 UTC+2, Paulo Victor wrote: > > Would you say the problema is with isAuthorized ? I am beggining to think > that. Because i always get the same AuthError message, even with no > registered users. When i am supposed to get the message in the login > funcion " Username or password is incorrect " with such an entry. > > public function login() { > if ($this->request->is('post')) { > if ($this->Auth->login()) { > return $this->redirect($this->Auth->redirect()); > } else { > $this->Session->setFlash(__('Username or password is > incorrect'), 'default', array(), 'auth'); > $this->Session->setFlash('Username or password is incorrect'); > > } > } > } > > > 2012/7/6 Paulo Victor <[email protected]> > >> Thanks :) >> >> Well, my beforeFilter in the users controller is >> >> public function beforeFilter() { >> parent::beforeFilter(); >> $this->Auth->allow('add_bolsista','logout'); >> } >> So i do use that. I am using the isAutorized based in some tutorials, >> they alway use it, as long as i found in the web. >> >> I am starting to debug this thing now, if i find anything, i post here >> >> 2012/7/5 tigr >> >>> Ah, I am struggling to implement an authentication/authorization system >>> myself now, so you have my sympathy :) >>> >>> So, your login works fine? Users get logged in? But they are not allowed >>> access? >>> Just out of curiosity why are you using isAuthorized at all? >>> >>> As for the problem at hand, it seems to me that you do all the checks, >>> Auth->alllow and isAuthorized in the AppController. However, I suspect that >>> you need to do Auth->allow() in the Users controller as well. I may be >>> wrong of course. But I would try to make sure that the right methods are >>> called first with a deliberate dose of debug() all over the place. >>> >>> >>> On Wednesday, July 4, 2012 2:52:23 PM UTC+2, Paulo Victor wrote: >>> >>>> Hum, right. I checked and this is the correct. >>>> >>>> But the problem remains. Aparently i have to keep reading the most >>>> recent docs. Must be something like that. >>>> >>>> 2012/7/4 tigr >>>> >>>>> Accordsing to documentation, it should be >>>>> >>>>> array('authorize' => 'Controller'), >>>>> >>>>> >>>>> and not >>>>> >>>>> 'authorize'=>array('**Controller'), >>>>> >>>>> Could this be the problem? >>>>> >>>>> >>>>> On Tuesday, July 3, 2012 5:34:51 PM UTC+2, Paulo Victor wrote: >>>>>> >>>>>> I don't know what do do anymore. My login system is up and runnig, >>>>>> but no matter what, always denyes access, even with registered users, >>>>>> with >>>>>> hashed password. >>>>>> >>>>>> My AppController: >>>>>> >>>>>> class AppController extends Controller { >>>>>> >>>>>> public $components = array( >>>>>> 'Session', >>>>>> 'Auth'=>array( >>>>>> 'authenticate' => array( >>>>>> 'Form' => array( >>>>>> 'fields' => array('username'=>'Login','**pas**sword'=>'Senha'), >>>>>> 'userModel'=> 'Usuario' >>>>>> ), >>>>>> ), >>>>>> 'loginAction' =>array('controller' => 'Usuarios','action' => >>>>>> 'login'), >>>>>> 'loginRedirect'=>array('**contro**ller'=>'usuarios', >>>>>> 'action'=>'index'), >>>>>> 'logoutRedirect'=>array('**contr**oller'=>'usuarios', >>>>>> 'action'=>'index'), >>>>>> 'authError'=>"You can't access that page", >>>>>> 'authorize'=>array('**Controller**'), >>>>>> 'loginError'=> 'Login errado' >>>>>> >>>>>> ) >>>>>> ); >>>>>> >>>>>> public function isAuthorized($usuario=null) { >>>>>> return true; >>>>>> } >>>>>> >>>>>> public function beforeFilter() { >>>>>> $this->Auth->allow('index','**vi**ew'); >>>>>> $this->set('logged_in', $this->Auth->loggedIn()); >>>>>> $this->set('current_user', $this->Auth->user()); >>>>>> } >>>>>> >>>>>> >>>>>> } >>>>>> ?> >>>>>> Everytime, goes to the AuthError message "You can't acces that page". >>>>>> >>>>>> I did this using documentation and Andrew Perk videos. >>>>>> >>>>>> thanks a lot >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>> Our newest site for the community: CakePHP Video Tutorials >>>>> http://tv.cakephp.org >>>>> Check out the new CakePHP Questions site http://ask.cakephp.org and >>>>> help others with their CakePHP related questions. >>>>> >>>>> >>>>> To unsubscribe from this group, send email to >>>>> cake-php+unsubscribe@**googlegroups.com<cake-php%[email protected]>For >>>>> more options, visit this group at >>>>> http://groups.google.com/**group/cake-php<http://groups.google.com/group/cake-php> >>>>> >>>> >>>> -- >>> Our newest site for the community: CakePHP Video Tutorials >>> http://tv.cakephp.org >>> Check out the new CakePHP Questions site http://ask.cakephp.org and >>> help others with their CakePHP related questions. >>> >>> >>> To unsubscribe from this group, send email to >>> [email protected] For more options, visit this >>> group at http://groups.google.com/group/cake-php >>> >> >> > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
