If you follow the CakePHP documentation on Authentication, you might end up with this line of code in your AppController.php file, in the beforeFilter() method.
… And that’s fine for demo purposes. But that actually allows all view() and index() actions, on every controller in your application.
That’s not likely what you want. You will need to move that line of code out of the global AppController.php file, and put it in each SpecificWhateversController.php file, allowing whatever the specific actions you want to allow to users who have not logged in.