Are you certain the Auth->logout action is being called? Is the session clear (destroyed) after logout?
On 28 Jun 2014, at 12:54, Gagik Navasardyan <[email protected]> wrote: > Hi everyone. > > I have one question. > > I'm working on an application which is working in local network and acting as > POS(Point of Sale). As you understand it's based on CakePHP framework. > Now I'm encountering a strange behaviour, and I don't know is it a bug or > not, so I've decided to ask you a question here. > > - I'm using CakePHP 2.4.2 and the built-in AuthComponent for authentication > > - The thing is, after user logs out and another user logs in (using the same > computer and browser), he is being redirected to the page on which the > previous user was when logged out. Instead of being redirected to the URL > defined in 'loginRedirect' > > - In this application I'm using role based user permissions system, and the > most of time system throwing permission error, because newly logged in user > doesn't have permission to view the page on which previous user was when > logged out. > > This behaviour is very strange to me, because as I know the logout function > is destroying session, but it seems keeping the last visited URL of the > previous user in the 'Auth.redirect' property in the new session. > This seems a little bit strange to me, because I'm expecting this kind of > redirect in a few cases like: > - If user session expired and user have to login again. > - user trying to access to a page which is requiring authentication. > > I analised the code and clearly the problem is in the framework core, and > there is no way to rewrite the 'Auth.redirect' property either before or > after the 'logout' function call (in any case the session being destroyed and > as I understand CakePHP taking and writing the last visited page URL to the > new session from HTTP REFERER). > > > So question: > Is this a Normal behaviour, and there are some reason why this must be this > way, or this is a bug? > > -- > Like Us on FaceBook https://www.facebook.com/CakePHP > Find us on Twitter http://twitter.com/CakePHP > > --- > You received this message because you are subscribed to the Google Groups > "CakePHP" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/cake-php. > For more options, visit https://groups.google.com/d/optout. -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/d/optout.
