CakePHP 2.0 Problems with loginRedirect - https removed

Question

I have the following problem.

A reverse proxy is used to establish a secure (https) connection to a server in an internal network. So the address is https://<url>. If I am now on my login page (https://<url>/users/login) and hit "submit" the https is removed (by the loginRedirect) and it's trying to connect to the url via http. Of course that is running into an timeout but the users is logged in. If the user is then accessing a page directly it's working.

Once the users is on the page he can do everything that is necessary and the other links are showing up with https as expected.

How can I avoid that the loginRedirect is removing the https? One solution is to use simply $this->redirect('<url>'); instead of $this->redirect($this->Auth->redirect()); but then I would lose the handling of direct links if somebody is not logged in and tries to access a specific part of the page that requires authentication.

Thanks for the hint. Unfortunately not related since I have the problems with the Auth->redirect and it's handled by the AuthComponent. — user1171243, Aug 23 '12 at 18:33

score 1 · Answer 1 · edited Aug 24 '12 at 00:15

1

I just got help in the CakePHP lighthouse forum and I would like to share the solution with you. It was actually pretty easy. In a reverse proxy scenario you have to edit the bootstrap.php (in the config folder) and add the following base URL:

define('FULL_BASE_URL','https://your base url');

edited Aug 24 '12 at 00:15

Hugo Dozois

8,147
12
54
58

answered Aug 23 '12 at 21:54

user1171243

31
1
4

CakePHP 2.0 Problems with loginRedirect - https removed

1 Answers1