In case it helps anyone in the future, I used a combination of
SSLRequireSLL in Apache's configuration to prevent non-SSL access to
'admin', and an adaptation of this code:
function beforeFilter() {
if(isset($this->params[Configure::read('Routing.admin')])){
$this->Security->blackHoleCallback = 'forceSSL';
$this->Security->requireSecure();
}
}
function forceSSL() {
$this->redirect('https://' . $_SERVER['SERVER_NAME'] .
$this->here);
}
to handle the redirect in my custom app_controller. The above example
is from the cook book, here:
http://book.cakephp.org/view/268/Usage
Toby
toby1kenobi wrote:
> Hi Brian & Piotr,
>
> Thanks for replying, much appreciated. Unfortunately the leading
> slash makes no difference I'm afraid, one I'd already tried. And yes
> Piotr, the login path is also in the admin routing.
>
> Any more tips anyone?
>
> Toby
>
> On Jul 28, 7:39 pm, "3lancer.eu" <[email protected]> wrote:
> > Hello,
> >
> > > I'm struggling with something I imagine is extremely easy, forcing
> > > my admin routes to go over SSL. Am I even close?!
> >
> > Maybe you should consider forcing SSL connection at the login point as
> > well (no need if you already aliased login operation with admin
> > route).
> >
> > Regards,
> > Piotr
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
