When logging into the system and trying to redirect to index action gives me error "The request to / did not apply any authorization checks."

I am looking at Authorization’s documentation and in step 2 talks about Policies, but for some reason I don’t have src/Policy folder, where should I save a Policy class so that Authorization works?

I created the policies with bin/cake bake policy but it still gives me the same error.
How can I fill each method of the policy class, I am returning this:

return !empty($user->getIdentifier());

Is that ok to make it work the policies?

Just having a policy is not enough. You need to tell it to actually use the policy in your controller. This and this are two ways to do so.

I did all the steps in the second option but now throws me a ForbiddenException, this is the image:

Seems likely that your policy is returning false.

Then how can I implement the methods of policies so that it doesn’t throw me the ForbiddenException?

It doesn’t even let me to login, when login action is allowed with no authentication and skip authorization.
Why is that happening?

I figured it out, I have a class named RequestPolicy that has this code:

namespace App\Policy;

use Authorization\Policy\RequestPolicyInterface;
use Cake\Http\ServerRequest;

class RequestPolicy implements RequestPolicyInterface
     * Method to check if the request can be accessed
     * @param \Authorization\IdentityInterface|null $identity Identity
     * @param \Cake\Http\ServerRequest $request Server Request
     * @return bool
    public function canAccess($identity, ServerRequest $request)
        if ($request->getParam('controller') === 'Users'
            && $request->getParam('action') === 'login'
        ) {
            return true;

        return false;

Locally in my computer with wampserver it works, but in the web hosting still gives me the ForbiddenException, can you help me with that please? Why in remote isn’t working?

When things work on Windows but not on Linux, it’s quite often case issues in filenames. Is this file named “requestpolicy.php” instead of “RequestPolicy.php”, for example? Or is the folder called “policy” instead of “Policy”?

No the names are correct, but don’t matter, it’s working fine now, I created a github repository and clone it in my hosting, but for some reason this didn’t overwrite the files in the public_html folder, when I copied the files from my computer it functioned fine, now is functioning everything ok, thank you for the help.