I’ve read the documentation for the Authentication core library
, and it’s not really clear how to use it. It seems to assume a lot of prior knowledge.

Specifically:

You configure authentication handlers using $this->Auth->authenticate.
You can configure one or many handlers for authentication. Using
multiple handlers allows you to support different ways of logging
users in. When logging users in, authentication handlers are checked
in the order they are declared. Once one handler is able to identify
the user, no other handlers will be checked. Conversely you can halt
all authentication by throwing an exception. You will need to catch
any thrown exceptions, and handle them as needed.

You can configure authentication handlers in your controller’s
beforeFilter or, in the $components array. You can pass configuration
information into each authentication object, using an array:

So in my PeopleController I wrote in the example code:

<?php
class PeopleController extends AppController {
    public $helpers = array('Html', 'Form');

    $this->Auth->authenticate = array(
        AuthComponent::ALL => array('userModel' => 'Member'),
        'Form',
        'Basic'
    );

    public function index() {

    }
}

And this exception fires:

syntax error, unexpected ‘$this’ (T_VARIABLE), expecting function
(T_FUNCTION) Error: An Internal Error Has Occurred.

Stack Trace CORE\Cake\Error\ErrorHandler.php line 162 →
ErrorHandler::handleFatalError(integer, string, string, integer)
[internal function] → ErrorHandler::handleError(integer, string,
string, integer, array) CORE\Cake\Core\App.php line 926 →
call_user_func(string, integer, string, string, integer, array)
CORE\Cake\Core\App.php line 899 → App::_checkFatalError() [internal
function] → App::shutdown()

Can anybody provide a simple example of how to protect a Controller so only an authenticated user can access it? Can I also protect individual Action functions?