[nycphp-talk] Re: CakePHP and HTTP Auth

Nate Abele nate at
Thu Jan 4 13:14:20 EST 2007

class PluginAppController extends AppController {

	var $components = array("Security");

	function beforeFilter() {
		$this->Security->requireLogin(array('users' => array(
			'admin' => 'admin',
			'guest' => 'guest'

You know, I get so sick of people ranting about Open Source projects  
as if the authors somehow owe them something.  We are three people,  
three and a half on a good day.  Some of us have social lives, and  
all of us have bills to pay.  Documentation is often a sore spot for  
OS projects, and ours certainly isn't perfect, but it is far better  
than it was, and far, far better than many other projects out there.

Also, at this point it's pretty unfair to characterize our  
documentation as so scattershot.  If you bothered to look, you'd  
notice that the wiki has been shut down, and we've created a new  
community documentation system as which is  
filling out quite nicely.

Furthermore, and this one goes out to anyone else not paying  
attention, SecurityComponent::requireLogin() is part of CakePHP 1.2,  
which is currently in development status, and thus neither feature- 
complete nor fully debugged.  That particular method is undocumented  
due largely to the fact that *it's not done yet*.

Finally, it's true, we are keenly aware that our documentation could  
use a little more work, but that's part of why we're an Open Source  
project.  If you dig into a specific Cake feature, find there's no  
documentation, and learn to use it anyway, here's a novel idea: HELP  
US.  John Anderson heads up the documentation team (of one), and can  
be reached at psychic at cakephp d0t org.

Oh, and this has to be a first.  I don't think I've ever actually  
heard anyone complain about the fact that we have an IRC channel  
offering live support, which one of the core developers of the  
framework is almost always on.

- Nate
Core Developer, CakePHP

> Date: Thu, 04 Jan 2007 12:22:51 -0500
> From: Brian Dailey <support at>
> Subject: [nycphp-talk] CakePHP and HTTP Auth
> To: NYPHP Talk <talk at>
> Message-ID: <459D37EB.9030400 at>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> Have any of you cake-users on the list tried to password protect a
> single cake subdir (in my case, a plugin)? I got this working at one
> point, but I can't figure out how I did it. I'm currently  
> attempting to
> pull in the Security->requireLogin() param, but it's just  
> redirecting to
> somewhere else and not asking for authentication at all.
> All I'm looking for is a simple password protect - the kind you'd use
> with a .htaccess file normally.
> <rant>
> By the way, this is my biggest complaint with Cake. Documentation.
> Relying on the "shotgun documentation", leaving little bits and pieces
> here and there (wiki, google groups, irc) is killing me. The more  
> time I
> spend trying to figure out how do to something that should be  
> relatively
> simple, the less beneficial it is for me to use Cake. It's a great
> system, but man, the documentation is horrendous.
> </rant>
> Thanks,
> - Brian

More information about the talk mailing list