Re: [symfony-devs] [Symfony2] SecurityLightBundle

Wed, 20 Apr 2011 15:20:57 -0700 

On 21.04.2011, at 00:14, Greg Militello wrote:

> My thought is that security is something we should provide an easy mechanism 
> to implement.  However writing a new bundle to get rid of multiple firewalls 
> seems like a bad approach.
>       • Documentation!  To be clear, our documentation should show a user a 
> quick way to get running without covering the nitty-gritty of multiple 
> firewalls.  Multiple firewall support should be covered later. 
>       • A SecurityLightBundle introduces more code that needs to be tested, 
> and maintained.
>       •  If a developer implements SecurityLightBundle and needs 
> SecurityBundle at a later date it requires refactoring.  Refactoring that 
> will likely raise more questions, and require support.
> 
> I am EXTREMELY for simplistic implementations inside of documentation, or 
> even as published examples.  An application walkthrough (similar to Askeet or 
> Jobeet) would be great to show the evolution of an application from a single 
> firewall to multiple firewalls.  I personally find that examples of patterns 
> more useful after i've seen them used once.  
> 
> (Not trying to be cruel Lucas.  But you did describe an issue; 
> "Authentication in Symfony 2 can be complex, and developers will likely be 
> confused if they dove in now.")

I dont think you understood my proposal. All I proposed is a simplified 
configuration layer put in front of the SecurityBundle

Just as a quick example (might not be 100% perfect):

security_light:
    form_login:
        login_path: /login
        check_path: /login-check

    logout: true

Could be equivalent to:

security:
    firewalls:
        profiler:
            pattern:  ^/_profiler
            security: false

        wdt:
            pattern:  ^/_wdt
            security: false

        main:
            pattern:   /.*
            form_login:
                login_path: /login
                check_path: /login-check

            anonymous: true

            logout: true

    access_control:
        - { path: /.*, role: IS_AUTHENTICATED_ANONYMOUSLY }

regards,
Lukas Kahwe Smith
[email protected]



-- 
If you want to report a vulnerability issue on symfony, please send it to 
security at symfony-project.com

You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en

Reply via email to