Merge remote branch 'ceeram/1.3-467' into 1.3

cake/libs/controller/components/auth.php

@@ -448,12 +448,14 @@ class AuthComponent extends Object {
 			trigger_error(__("Could not find \$userModel. Please set AuthComponent::\$userModel in beforeFilter().", true), E_USER_WARNING);
 			return false;
 		}
+		list($plugin, $model) = pluginSplit($this->userModel);
 		$defaults = array(
 			'loginAction' => array(
-				'controller' => Inflector::underscore(Inflector::pluralize($this->userModel)),
-				'action' => 'login'
+				'controller' => Inflector::underscore(Inflector::pluralize($model)),
+				'action' => 'login',
+				'plugin' => $plugin,
 			),
-			'sessionKey' => 'Auth.' . $this->userModel,
+			'sessionKey' => 'Auth.' . $model,
 			'logoutRedirect' => $this->loginAction,
 			'loginError' => __('Login failed. Invalid username or password.', true),
 			'authError' => __('You are not authorized to access that location.', true)

cake/tests/cases/libs/controller/components/auth.test.php

@@ -625,7 +625,7 @@ class AuthTest extends CakeTestCase {
 	}
 
 /**
- * test that being redirected to the login page, with no post data does 
+ * test that being redirected to the login page, with no post data does
  * not set the session value.  Saving the session value in this circumstance
  * can cause the user to be redirected to an already public page.
  *
@@ -1429,6 +1429,8 @@ class AuthTest extends CakeTestCase {
 			'id' => 1, 'username' => 'gwoo', 'created' => '2007-03-17 01:16:23', 'updated' => date('Y-m-d H:i:s')
 		));
 		$this->assertEqual($user, $expected);
+		$sessionKey = $this->Controller->Auth->sessionKey;
+		$this->assertEqual('Auth.TestPluginAuthUser', $sessionKey);
 
 		// Reverting changes
 		Cache::delete('object_map', '_cake_core_');