Hello,

I've been reading some of Cake's Auth and Acl docs, but it didn't seem like that would help me authenticate with Active Directory [ldap] and limit access to sections of the application via AD groups. I have looked at some of the other ldap stuff which seemed fine, but wasn't sure if I'm securing my Controller actions well enough (described below). Any advice is appreciated.

Here's what I'm doing:

Added a 'Users' controller to handle login, logout, etc. This basically just sets session variables and calls functions within a 'LdapUsers' model (the model interacts with the adLDAP php class).

Back in the secured controller I added a beforeFilter() where it first checks if the session is auth'ed and if not redirects back over to the login. Then it checks the user's AD groups against a list of groups allowed to perform any action in that controller. If they're not authorized it calls a custom cakeError() and dies (it also uses $this->disableCache() as well).

From some limited testing this seems to be forcing me to login at the appropriate points and does throw the cake error if I take myself out of the targeted AD groups. I'm a cake newb so I want to ensure I'm not overlooking something.

Thank You,
Robert
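Added example, not part of the original post and not CakePHP or adLDAP code: a framework-independent PHP sketch of the two-step gate the post describes (session check, then AD group check), written so that every unexpected case denies. The session keys 'authenticated' and 'groups', the function names and the group names are assumptions made for illustration.

```php
<?php
// Added example. Session keys and group names below are hypothetical.

/** Normalise a group name for comparison (AD group names are case-insensitive). */
function normaliseGroup(string $name): string
{
    return strtolower(trim($name));
}

/**
 * Decide what a beforeFilter()-style hook should do for this request.
 * Returns 'login' (send to login), 'deny' (show error and stop) or 'allow'.
 */
function accessDecision(array $session, array $allowedGroups): string
{
    // 1. Authentication: strict comparison so values like "yes" or 1 do not pass.
    if (($session['authenticated'] ?? false) !== true) {
        return 'login';
    }

    // 2. Authorisation: default deny. A missing group list or an empty
    //    allow-list grants nothing.
    $userGroups = $session['groups'] ?? [];
    if (!is_array($userGroups) || $allowedGroups === []) {
        return 'deny';
    }

    $allowed = array_map('normaliseGroup', $allowedGroups);
    foreach ($userGroups as $group) {
        if (is_string($group) && in_array(normaliseGroup($group), $allowed, true)) {
            return 'allow';
        }
    }
    return 'deny';
}

// Constructed sample sessions, one per branch of the decision.
$allowedGroups = ['App-Admins', 'App-Editors'];
$samples = [
    'anonymous'      => [],
    'wrong group'    => ['authenticated' => true, 'groups' => ['Domain Users']],
    'case differs'   => ['authenticated' => true, 'groups' => ['app-admins']],
    'groups missing' => ['authenticated' => true],
];
foreach ($samples as $label => $session) {
    printf("%-15s => %s\n", $label, accessDecision($session, $allowedGroups));
}
```

Whatever the hook does on 'login' or 'deny' has to end the request there, so the controller action body never runs for those two outcomes.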
