Thanks for the reply. Agreed on the secure connection. I found a comment buried in the 1.2 manual under Core Components > Security Component > Basic HTTP Authentication that was helpful.
"This seemed like the easiest way to get HTTP auth up relly fast.. But after reading thru http://book.cakephp.org/view/172/Authentication I wish I read that first, was up and running in minutes :)" http://book.cakephp.org/view/172/Authentication I don't have it working exactly the way I want yet but it was easy enough to set up. I think the next step is to set something up in the app controller that will deny all create/update/delete actions if you're not logged in. On Jun 14, 9:20 am, calvin <[email protected]> wrote: > Are you logging in with the username "user" and the password "sekrit"? > Do you have capslock on? > > I've never used the Security component in this way before (I only use > HTTP Authentication to temporarily protect a directory), but if this > is a single-user application, and you don't need user management, then > you could skip the Security component and just create /app/webroot/ > {controller}/edit/.htaccess and configure the HTTP Authentication that > way. This hack only works for edit and delete because you only ever > access /{controller}/edit/{id} and not just /{controller}/edit by > itself. You can protect all the controller actions by putting > the .htaccess file in /app/webroot/{controller}, but you'll need to go > to /app/webroot/{controller}/index if you want the index action. > Alternately, you can use admin routing and just password protect > everything in /app/webroot/admin. But regardless of what you do, I'd > suggest using Digest authentication instead of Basic unless you are > doing this over a secure connection. > > On Jun 13, 9:37 pm,dbme<[email protected]> wrote: > > > I'm building a little application that displays a publically viewable > > resume but I want to protect the add/edit/delete methods for a given > > controller. It's a dead simple app for a single user and the whole Acl > > bit would be serious overkill. > > > The Security component seemed to fit the bill so I did the following > > in one of my controllers as a test: > > > function beforeFilter() { > > $this->Security->loginOptions = array( > > 'type'=>'basic', > > 'realm'=>'Authentication Required' > > ); > > $this->Security->loginUsers = array( > > 'user'=>'sekrit' > > ); > > $this->Security->requireLogin('edit'); > > } > > > This code came directly from The Book(http://book.cakephp.org/view/ > > 1309/Basic-HTTP-Authentication) > > > As expected a login box will pop up when I go to that page. > > Unfortunately, when I put in the proper credentials it just pops up > > the authentication dialog again. If I hit cancel, it goes to the white > > page (the black hole I'm assuming). > > > Any ideas on why it isn't working? Is there a better way to go about > > this? > > > Thanks! Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
