diff --git a/app/controllers/my_profile_controller.rb b/app/controllers/my_profile_controller.rb
index 9d2d209..7909efd 100644
--- a/app/controllers/my_profile_controller.rb
+++ b/app/controllers/my_profile_controller.rb
@@ -4,6 +4,8 @@ class MyProfileController < ApplicationController
 
   require_ssl
 
+  before_filter :login_required
+
   # declares that the controller needs an specific type of profile. Example:
   #
   #  class PersonDetailControlles < ProfileAdminController
diff --git a/lib/authenticated_system.rb b/lib/authenticated_system.rb
index 840d89a..7e73acb 100644
--- a/lib/authenticated_system.rb
+++ b/lib/authenticated_system.rb
@@ -86,7 +86,7 @@ module AuthenticatedSystem
     # Redirect to the URI stored by the most recent store_location call or
     # to the passed default.
     def redirect_back_or_default(default)
-      session[:return_to] ? redirect_to_url(session[:return_to]) : redirect_to(default)
+      session[:return_to] ? redirect_to(session[:return_to]) : redirect_to(default)
       session[:return_to] = nil
     end
     
diff --git a/test/integration/login_to_the_application_test.rb b/test/integration/login_to_the_application_test.rb
index 5e8128c..e18be16 100644
--- a/test/integration/login_to_the_application_test.rb
+++ b/test/integration/login_to_the_application_test.rb
@@ -18,4 +18,15 @@ class LoginToTheApplicationTest < ActionController::IntegrationTest
 
   end
 
+  def test_unauthenticated_user_tries_to_access_his_control_panel
+    Environment.any_instance.stubs(:disable_ssl).returns(true) # ignore SSL for this test 
+
+    get '/myprofile/ze'
+    assert_redirected_to '/account/login'
+
+    post '/account/login', :user => { :login => 'ze', :password => "test" }
+
+    assert_redirected_to '/myprofile/ze'
+  end
+
 end
--
libgit2 0.21.2