We're working on our first cake app with the latest 1.2 RC3 and we've
run across the situation discussed in ticket 5057.
https://trac.cakephp.org/ticket/5057
We're using both the auth and acl components. If a user accesses a
page that should be auth'ed and acl'ed then they're redirected to the
login page with the flash text "You don't have access to this page".
Given that we're developing a user dashboard I don't want that to be
the first thing they see. So we have a "login" link that links from
the public home page directly to the login action used by Auth/Acl
components and you get a clean page that doesn't pop any warnings and
allows them to login to the dashboard.
The problem is that when they login using that form they aren't
redirected to the loginRedirect url ($this->Auth->loginRedirect).
They're returned to the same page again with the flash text that "You
are not authorized to access that location." If you login a 2nd time
then you're redirected to the appropriate page.
I don't think we had this issue when we were just doing plain auth
without acl.
The recommended fix was to delete the session var for Auth.redirect
like "$this->Session->delete('Auth.redirect');" in the beforeFilter
and that does work. But it seems that the default behavior isn't
right. Many will want their users to login as the gateway to their
cake app and will want to have users login directly to the auth/acl
login action. Shouldn't cake cleanly handle this?
I am new to Cake so maybe there's something here I haven't wrapped my
head around yet...
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
