after following the Tutorials to the end of the Authorization part, everything works until I press ‘submit’ on the login page. Then the following error massage shows up:
It’s weird that the “login” process seems to somehow be hitting the “/users” URL. Is the login function redirecting there after successful login? That doesn’t seem like a place that people would normally be sent to at that time.
But the URL in the error is just /users, not /users/login. Standard notation would indicate that this is the list of users. So, unless the routing has been set up such that the login method is accessible at /users, there’s a redirect happening, and it’s to an unusual location. Of course, this is all guesswork, because no code has been shared.
Once you include Authorization, every action in every controller requires an authorization check.
So, for every controller in your project, you will need to add the following as the first line of each action method if you did not already add an authorization check to the action.
$this->Authorization->skipAuthorization();
The tutorial would have already added some authorization checks to some of your action methods including the skipAuthorization to your login and logout actions in the user controller.
