Using the security component is generally done in the controller beforeFilter(). You would specify the security restrictions you want and the Security Component will enforce them on its startup.

<?php
class WidgetController extends AppController {

	var $components = array('Security');

	function beforeFilter() {
		$this->Security->requirePost('delete');
	}
}
?>

1. <?php
2. class WidgetController extends AppController {
3. var $components = array('Security');
4. function beforeFilter() {
5. $this->Security->requirePost('delete');
6. }
7. }
8. ?>

In this example the delete action can only be successfully triggered if it recieves a POST request.

<?php
class WidgetController extends AppController {

	var $components = array('Security');

	function beforeFilter() {
		if(isset($this->params[Configure::read('Routing.admin')])){
			$this->Security->requireSecure();
		}
	}
}
?>

1. <?php
2. class WidgetController extends AppController {
3. var $components = array('Security');
4. function beforeFilter() {
5. if(isset($this->params[Configure::read('Routing.admin')])){
6. $this->Security->requireSecure();
7. }
8. }
9. }
10. ?>

This example would force all actions that had admin routing to require secure SSL requests.