Sharing technology, ideas, insights!
Call: +91 710 466 0336         Email:


Bugs & enhancements for Auth component in CakePHP v1.2 – Part 1

The auth component is supposed to handle the user login in your app but I was just not able to get that done and there have been similar complaints in the CakePHP mailing list.

Since I wanted it *NOW* I had no option but to once again dig into the source – but – hey it is not so bad, they give you the code so that you can change it! right?

As I started looking into the code several other things stuck me as being wrong. This is a brief account of what I found…..

Ticket #29931. The automatic user validation and automatic redirection after successful login not working
or rather the login not working.

The AuthComponent::startup() method contains code to check if current action is in the allowed actions list or not. If this check, i.e., the if condition is true then control is returned from that point and further code below that not executed. This is works fine for all actions other than login action. By reason it follows that login action should be an allowed action however the code which is used for automatic user validation and automatic redirection after successful login is below the said if condition and never gets executed after login form submission!!

To make it work – the if condition should be changed from


After above change, one more change is needed.


Once these changes are done your auth component will handle the login for you!

We have been promised that the auth component will soon be worked upon and hopefully this will be resolved… I also found a few more things in the auth component but this post is already too long – more soon…

Update: The CakePHP devs feel that the above patch is invalid and that the login action should be in the list of denied actions. Explicitly having to put login action as denied is in my opinion a needless effort, either the above patch should applied or the auth component startup should put the login action in the list of denied actions on its own

About the Author

Amit Badkas is Zend certified PHP5 and Zend Framework engineer, and has been working in SANIsoft for past 10 years, his present designation is 'Technical Manager'


  1. Pingback:

  2. Pingback: » SaniSoft Blog: Bugs & enhancements for Auth component in CakePHP v1.2 - Part 1

  3. hi, im trying to use Cakephp 1.2 alpha, but there are some problems.
    i’ve built blog demos application on cakephp 1.1, there was no problem. But on cakephp 1.2, i met with difficulties. I put the project into cake12 folder like this: cake12/app,cake,vendors, and the same with cake 1.1, folder cake11 contained app,cake,vendors folder. Both were put into the web root folder. As i run by these urls:
    http://localhost/cake11/ and http://localhost/cake12/, the first page blog of both were right loaded, but when i clicked on link “Add post”, it just appeared right url for cake 1.1(was http://localhost/cake11/index.php/posts/add/) and wrong for cake 1.2(was http://localhost/posts/add/). Do you know why it’s wrong? I used the same $html->link(”Add Post”, “/posts/add”) for two. And do you you know how to change the url to http://localhost/cake11/posts/add/ instead of http://localhost/cake11/index.php/posts/add/ ?

Leave a Reply