得到了解决结果
使用该reference

我延长了AuthComponent到CustomAuth和覆盖在AuthComponent的 isAutorized（）方法如下：

Got the solution
using this reference
i extended the AuthComponent to CustomAuth and overridden the isAutorized() method in the AuthComponent as follows

在控制器/组件/ custom_auth.php

in controllers/components/custom_auth.php

    <?php
App::import('Component','Auth');
class CustomAuthComponent extends AuthComponent {

    public function isAuthorized($type = null, $object = null, $user = null) {

        $actions  = $this->__authType($type);
        if( $actions['type'] != 'actions' ){
            return parent::isAuthorized($type, $object, $user);
        }
        if (empty($user) && !$this->user()) {
            return false;
        } elseif (empty($user)) {
            $user = $this->user();
        }


        $group = array('model' => 'Group','foreign_key' =>$user['Login']['group_id']);
        $valid = $this->Acl->check($group, $this->action());
        return $valid;
    }
}
?>

在app_controller.php

in app_controller.php

function beforeFilter()
{
$this->CustomAuth->userModel = 'Login';
$this->CustomAuth->allowedActions = array('display');
$this->CustomAuth->actionPath = 'controllers/';
$this->CustomAuth->authorize = 'actions';
}

这解决了我的问题：）