CakePHP Authcomponent session expires after using SSL unforce method

Code in AppController class :

function beforeFilter() {
parent::beforeFilter();
$this->_setupSecurity();}

function _setupSecurity() {
$this->Security->blackHoleCallback = '_badRequest';
if(Configure::read('forceSSL')) {
    $this->Security->requireSecure('*');    }

}

/** * The main SecurityComponent callback. * Handles both missing SSL problems and general bad requests. */

function _badRequest() {
if(Configure::read('forceSSL') && !$this->RequestHandler->isSSL()) {
    $this->_forceSSL();
} else {
    $this->cakeError('error400');
}
exit;}

/** * Redirect to the same page, but with the https protocol and exit. */

function _forceSSL() {
$this->redirect('https://' . env('SERVER_NAME') . $this->here);
exit;

}

Follow this link: May be you get your solution..

https://stackoverflow.com/a/4473178/983624

if you are using Cakephp 2.0 then go to the following folder

lib/Cake/Model/Datasource/

Open the CakeSession.php file and search for the following line

if (!isset($sessionConfig['ini']['session.cookie_secure']) && env('HTTPS'))
{
        $sessionConfig['ini']['session.cookie_secure'] = 1; // Just comment this line and try it will works
}

CakePHP Authcomponent session expires after using SSL unforce method

Tags:

Ssl

Cakephp

Cakephp 2.0

Related

Recent Posts