Fixed HTTP status codes for non-redirects which were breaking AuthComponent.

lib/Cake/Controller/Controller.php

@@ -531,7 +531,7 @@ class Controller extends Object implements CakeEventListener {
 	}
 
 /**
- * Merge components, helpers, and uses vars from 
+ * Merge components, helpers, and uses vars from
  * Controller::$_mergeParent and PluginAppController.
  *
  * @return void
@@ -770,18 +770,17 @@ class Controller extends Object implements CakeEventListener {
 			session_write_close();
 		}
 
-		if (!empty($status) && is_string($status)) {
-			$codes = array_flip($this->response->httpCodes());
-			if (isset($codes[$status])) {
-				$status = $codes[$status];
-			}
-		}
-
 		if ($url !== null) {
 			$this->response->header('Location', Router::url($url, true));
 		}
 
-		if (!empty($status) && ($status >= 300 && $status < 400)) {
+		if (!empty($status)) {
+			if (is_string($status)) {
+				$codes = array_flip($this->response->httpCodes());
+				if (isset($codes[$status])) {
+					$status = $codes[$status];
+				}
+			}
 			$this->response->statusCode($status);
 		}
 

lib/Cake/Test/Case/Controller/ControllerTest.php

@@ -387,7 +387,7 @@ class AnotherTestController extends ControllerTestAppController {
 
 /**
  * merge parent
- * 
+ *
  * @var string
  */
 	protected $_mergeParent = 'ControllerTestAppController';
@@ -728,7 +728,8 @@ class ControllerTest extends CakeTestCase {
 			array(303, "See Other"),
 			array(304, "Not Modified"),
 			array(305, "Use Proxy"),
-			array(307, "Temporary Redirect")
+			array(307, "Temporary Redirect"),
+			array(403, "Forbidden"),
 		);
 	}