While playing in my workspace i need to make a route which should be use a secure path. That means https (SSL connection). So after googled for while i got the idea. Basically what i need is.. when an user in my sing in page will go through via the ssl connection. After entering user name and password will validated and redirect in to another location. So usually user will go through in https protocol then again redirected into http.
Here what i did;
Well, obviously i use cake’s component
1. Create a file ssl.php into app/controllers/components/
paste this code
<?php
class SslComponent extends Object {
var $components = array('RequestHandler');
var $Controller = null;
function initialize(&$Controller) {
$this->Controller = $Controller;
}
function force() {
if(!$this->RequestHandler->isSSL()) {
$this->Controller->redirect('https://'.$this->__url());
}
}
function unforce() {
if($this->RequestHandler->isSSL()) {
$this->Controller->redirect('http://'.$this->__urll());
}
}
function __url() {
$port = env('SERVER_PORT') == 80 ? '' : ':'.env('SERVER_PORT');
return env('SERVER_NAME').$port.env('REQUEST_URI');
}
function __urll() {
$port = env('SERVER_PORT') == 443 ? '' : ':'.env('SERVER_PORT');
return env('SERVER_NAME').$port.env('REQUEST_URI');
}
}
?>
you can find it also here but i added unforce() and __urll() 
3. Now, in my case only when user click in to sign in or lend now, I need the https connection. Thats why, in my home controller i added this beforeRender() method, but make sure you assign this Ssl component.
var $components = array( 'Ssl' );
public function beforeRender(){
$action = array( 'signin', 'lendnow' );
if( in_array( $this->params['action'] , $action ) ){
$this->Ssl->force();
}else{
$this->Ssl->unforce();
}
}
So, i will create a secure connection with my apache server.
4. User now enter their user name and password and submit
5. If anyone click beside this they will have only http connection
That’s it
enjoy
8 responses so far ↓
Rajib Deb // July 14, 2008 at 1:39 pm |
Nice Article
Tanveer // July 15, 2008 at 12:11 am |
hiii rajib ..
Thanks for visiting my weblog man
m appreciate ur comment
chris // July 18, 2008 at 10:13 pm |
Thanks!!!!
Tanveer // July 19, 2008 at 2:53 am |
u welcome chris
Richard // August 24, 2008 at 6:59 pm |
nice little component!
Once thing that might also be work looking at is the “requireSecure” method of the built-in security component, which on the surface seems like it might do the same thing.
Conexiones HTTP seguras (https) en CakePHP 1.2 | Blog cakephp en español por Hospedaxes // October 9, 2008 at 1:13 pm |
[...] de conexiones seguras de nuestra página web, vamos a utilizar un método que hemos visto en el weblog de Tanveer. Lo normal es que necesitemos que algunas de las páginas de la web sean seguras, como pueden ser [...]
Bảo Nam // September 12, 2009 at 11:37 am |
thanks for your share!
Tanveer // September 12, 2009 at 3:46 pm |
You welcome Nam