In CakePHP Auth - there is a way to force https to perform all actions that require authentication (but not others)

Question

In CakePHP Auth - there is a way to force https to perform all actions that require authentication (but not others)

Using CakePHP Auth, I want all actions that require login to be forced to use https as well.

Is this possible through a callback?

Additional information: I have admin routing, as well as certain actions for members only. CakePHP 1.2 is also used.

Thanks so much for any pointers to this.

+4

authentication php https cakephp

Luke barker Aug 19 '10 at 9:47

source share

2 answers

Chuck burgess · Answer 1 · 2010-08-19T16:44:46+0000

New for version 2.x: SecurityComponent :: requireSecure () see http://book.cakephp.org/2.0/en/core-libraries/components/security-component.html

tc. · Answer 2 · 2010-08-19T19:18:03+0000

The registration page should also be transmitted via HTTPS, and you probably want the cookie secure for registered users, so it is not transmitted when accessing the site via HTTP (this means that the user will not appear when logging in when viewing via HTTP )

In CakePHP Auth - there is a way to force https to perform all actions that require authentication (but not others)

More articles: