I found this page but I am currently unable to get it to work and don't have the time to troubleshoot right now.
http://stackoverflow.com/questions/751338/selectively-enabling-ssl-for-certain-actions-in-cakephp -- Andrew On Mon, Apr 27, 2009 at 7:22 PM, Andrew Armstrong <[email protected]>wrote: > I have a workaround using a cookie to solve the loss of the session but I > still have not implemented anything to automagically redirect the user back > to non-SSL requests. I am looking for an elegant solution if anybody out > there has one. > > -- Andrew > > > On Mon, Apr 27, 2009 at 4:25 PM, Firas <[email protected]> wrote: > >> >> I want to join you in asking this question. >> >> I'm not familiar with other posts, but I think that this is related to >> the fact that session cookies created under SSL are only retrieved >> when the client logs back in in SSL. In other words the php session >> (or cake) cookies have the "secure" parameter set to true (if the >> security level is set to "high". I looked at the code, and that >> doesn't seem to be tweekable. I could be wrong). I want to log-in only >> under SSL and redirect to non-SSL for the rest of the app. The problem >> is that the a user session was created but was not sent back in the >> cookie in the non-SSL requests. This is not a high priority issue for >> me, but I REALLY would like to know how other users deal with this. >> >> On Apr 26, 11:31 pm, "[email protected]" <[email protected]> >> wrote: >> > I have the Security component working and redirecting to my pages >> > using the sample code in the book. >> > >> > function beforeFilter(){ >> > $this->Security->blackHoleCallback = 'forceSSL'; >> > $this->Security->requireSecure('login'); >> > } >> > >> > function forceSSL() { >> > $this->redirect('https://' . $_SERVER['SERVER_NAME'] . >> $this->here); >> > } >> > >> > What I am not seeing is some way to tell my app to redirect back to >> > non-SSL requests once the user is logged in. Has anybody got any >> > suggestions on the best way to accomplish this? >> > >> > I have also seen posts talking about seesions not working when >> > switching between SSL and non-SSL requests. Is this still a problem? I >> >> >> > > > -- > Andrew Armstrong > -- Andrew Armstrong --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
