For anyone else having similar problems who finds this thread. If you are trying to secure individual modules I had no joy putting them in app/config/security.yml
What worked was creating individual config/security.yml files for each module with: all: is_secure: true credentials: [foo,bar] etc This worked fine, doing it at the app/config level just meant symfony didn't restrict access. Hope this helps someone else. TW On Apr 1, 3:26 pm, wueb <webmaster....@gmail.com> wrote: > I solved. > > The problem was because i was logged with a "is_super_admin" user!! > When that happens he ignore thecredentialsand he have full access to > everything!! -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en