I’ve been looking into login/logout/register actions in this past days and i have a simple question to ask you guys:

The actionLogout has to be on default controller (e.g. SiteController.php) to work without any problem and then we can check the user permissions through the accessRules() to give access the user?

My issue is, i have a UserController that use for actionLogin, actionRegister and actionLogout, but i checked that i need define the actionLogout into the accessRules()… otherwise doesn’t work…

public function accessRules()


                return array(

                        array('allow', // allow all users to perform 'login' and 'register' actions

                                'actions' => array('login', 'register'),

                                'users' => array('*'),


                        array('allow', // allow authenticated users to access actions 'logout' and 'profile' actions

                                'actions' => array('logout', 'profile'),

                                'users' => array('@'),


                        array('deny', // deny all users

                                'users' => array('*'),




Question: should i use always the actionLogout on default controller, or i can use the way i’m doing on the UserController ?

Ty in advance!

only authenticated users can access action ‘logout’… where is the problem? thats right.

if u want to use logout action in default controller, just copy ur logout action fron usercontroller and copy to default/site controller and change the link user/logout to default/logout or site/logout

Ok, ty for the info!