Hi all,
I noticed that the HTTP response codes I get back are not the same as
when running the stack via Apache. I noticed also a few other strange
things such as content when I expected no content.
It then lead me to inspect packets. What I found was that my protected
areas were indeed accessible.
The fault lies in the way I was redirecting users to the login page. I
had followed this tutorial:
http://p0l0.binware.org/index.php/2012/02/18/zend-framework-2-authentication-acl-using-eventmanager/
I just want to caution others who may have done so and have copied this
buggy code. I've left a comment on the page as well:
http://p0l0.binware.org/index.php/2012/02/18/zend-framework-2-authentication-acl-using-eventmanager/#comment-91368
Looking at Slavey's book, I see that much of what Marco has done in his
tutorial is over engineered.
I will chance a n00b guess that because the controller and action are
not reset to something else, the original route is still followed even
though a 302 is sent with a new location.
I will refrain from drawing any more n00b conclusions and ask what you
all think.
Kind regards,
Simon
--
List: [email protected]
Info: http://framework.zend.com/archives
Unsubscribe: [email protected]
