Symfony2 - Access control
Question
I want to set access_control for everything, but not for the pattern /login (and maybe some more routes).
So I set up the path for login first, with the role IS_AUTHENTICATED_ANONYMOUSLY . Then I set up the path for everything, with the role IS_AUTHENTICATED_FULLY .
The problem is that login form is now generated twice. I see two login fields, two submit buttons, and so on.
If I remove the access_control rules I have no, and only set to one path like /blog/.* and with role: IS_AUTHENTICATED_FULLY , it works fine, the login form is like it should be.
So my configuration of " you need to be authenticated everywhere except here " does not work.
This is what I tried to do when login form is generated twice:
access_control:
- { path: /login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /.*, role: IS_AUTHENTICATED_FULLY }
Does anyone have any good examples for how to set up such a rule?
2 answers
solution1
12 ACCPTED 2011-03-16 13:07:06
So I got the answer :) So if anyone should have this problem, you also have to let _wdt, and _profiler being accessed anonymously :)
access_control:
- { path: /_wdt/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /_profiler/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /.*, role: IS_AUTHENTICATED_FULLY }
solution2
5 2012-04-25 12:35:13
Don't forget to add this firewall:
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.