We Keep Coding

Permission redirecting error in CakePHP's AuthComponent

I have seen many similar problems here in SO but none have helped me solving my problem.
I don't think CakePHP's AuthComponent is behaving properly when it comes to permission errors.
My CakePHP app is in a subdomain of my website (e.g. http://www.example.com/myapp). Everytime a permission error occurs (user is not allowed to see this page), Cake adds another "/myapp" in the URL (so it becomes http://www.example.com/myapp/myapp) and naturally throws an error which says that "myapp" controller doesn't exist.
In my scenario, the login view is linked to the root of the website. So, I have in my AppController:
public $components = array(
'Session',
'Auth' => array(
'loginAction' => array(
'controller' => 'users',
'action' => 'login'
),
'logoutRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
'authorize' => 'Controller',
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'email')
)
)
)
);
And in routes.php:
Router::connect('/', array('controller' => 'users', 'action' => 'login'));
Router::connect('/users', array('controller' => 'users', 'action' => 'login'));
Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display'));
All I want is to be able to configure manually which URL Cake should redirect to in case of permission errors. Anybody knows how to do that?

I'm sorry guys, I accidentally found the answer a bit later. As CakePHP has some very intuitive labels, I started guessing some possible options for the Auth Component that would solve my problem. And I ended up discovering the unauthorizedRedirect option!
So I have:
'unauthorizedRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
And it's working just fine now. I just wish Cake's documentation had covered this... If it does, I swear I couldn't find it anywhere.

CakePHP localization of Auth component

In my app controller I have:
public $components = array
(
'Session',
'Auth' => array
(
'loginRedirect' => array('controller' => 'devices', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'authError' => 'You can\'t access that page',
'authorize'=>array('Controller'),
'authenticate' => array('Z1')
)
);
How can I localize the error message? Using __() throws an error.
Thanks

It throws an error because PHP doesn't like use of functions inside array definitions.
What you can do is define the error after that, in every call to the controller like this
function beforeFilter() {
$this->Auth->authError= __('You can\'t access that page');
}
Or, the other option is to leave your array like that, and every time you output the error (maybe in a flash message or something), translate it there
echo __($this->Auth->authError);
But that won't let PoEdit or similar recognize the string to translate, so you'll have to add it by hand.

ACL ERR_TOO_MANY_REDIRECTS

When user access unauthorized url in my application, CakePHP execute too many redirects.
I don't know why.
I try set the parameters unauthorizedRedirect and redirectUrl, but doesn't work.
AppController.php
public $components = array(
'DebugKit.Toolbar',
'Session',
'Acl',
'Auth' => array(
'unauthorizedRedirect ' => false,
'loginAction' => array('controller' => 'users', 'action' => 'login'),
'authenticate' => array(
'Form' => array(
'userModel' => 'User',
'fields' => array('username' => 'nickname', 'password' => 'password_hash')
),
),
'authorize' => array(
'Actions' => array('actionPath' => 'controllers/')
)
// 'authError' => 'This error shows up with the user tries to access a part of the website that is protected',
)
);

Change this
"actionPath" => "controllers/"
into this
"actionPath" => "Controllers/"
I'm quite sure that you are on a case sensitive OS.
Another thing to setup it's the "loginRedirect" and the "logoutRedirect" statements: at the moment, if you login into the users/login action you will be redirected to the same action again and again. For a testing purpose I'd recommend you to set both of them to the root just adding this to your code:
'loginRedirect' => '/',
'logoutRedirect' => '/'

firstly check that is users/login action can display content to unauthorized user ? Use $this->Auth->allow(array('login', 'logout') in user controller. If you use Acl and Action authorize, check that anonymus has permission to see this user/login page.

CakePHP - Routing to admin

Noob question!
I have a complete admin setup: login, authentication an so on, it's working.
So, now i need a new controller to another situation and then i create the controller named PressDownloadsController and the correct views to every action inside this new controller.
I also created the following route:
Router::connect('/pressdownloads', array('controller' => 'pressdownloads', 'action' => 'downloads'));
Inside the pressDownloads controller, there's some redirect between some actions.
When i try to open the url /pressdownloads/downloads or just /pressdownloads it just goes to admin controller and i need to login in before acess the pressdownloads area.
Why?
The Auth Settings inside UsersController (admin):
Ok. I get it.
So the auth settings:
public $components = array(
'Session',
'Auth' => array(
'loginAction' => array(
'controller' => 'users',
'action' => 'login',
'prefix' => 'admin',
),
'loginRedirect' => '/admin/events',
'logoutRedirect' => '/admin',
'authError' => 'Acesso negado',
'flash' => array(
'element' => 'admin/messages/error',
'key' => 'auth',
'params' => array()
),
'authorize' => array('Controller'),
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'email')
)
)
)
);

I recommend to check Auth component settings and how you split admin area from non-admin.
Also, you may specify in your routing not to use admin prefix like this:
Router::connect('/pressdownloads', array('controller' => 'pressdownloads', 'action' => 'downloads', 'admin' => false));

I believe you are going to that link after "Admin" has been enabled. Simply put you must be clicking the link from the pages served by admin.
Try adding additional parameter "admin" => false in your present route.
Router::connect('/pressdownloads',
array(
'controller' => 'pressdownloads',
'action' => 'downloads',
'admin' => false
)
);

Auth component in cakephp supports only UsersController?

I might hav askd question related to this earlier but not satisfied by answers and no answer is working.....My doubt is little different , i have two controllers
1.UsersController.
2.MembersController.
My doubt is the Auth component is working wonders for UsersControllers, but the Auth is not working for MembersController. In simple terms whenever i try to use Auth component for my MembersController, instead of redirecting to Members view. It is displaying UsersController pages....And when i delete the UsersController i get below error...
Error: UsersController could not be found.
Is there any connection between Auth and Users. How to set Auth component for my MembersController......
This is how i am using it....
public $components = array(
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'members', 'action' => 'home'),
'logoutRedirect' => array('controller' => 'members', 'action' => 'index')
)
);
public function beforeFilter() {
$this->Auth->allow('index', 'view');
}

In your App Controller
class AppController extends Controller {
public $components = array(
'Auth' => array(
'authorize' => 'actions',
'actionPath' => 'controllers/',
'loginAction' => array(
'controller' => 'members',
'action' => 'login',
'plugin' => false,
'admin' => false,
),
),
);
}