The one thing I ran into and that I saw other people struggle with is that "security: false" for a firewall can be easily misinterpreted as a form of access control. Initially I though the simple way to make the login form accessible to anonymous users was to turn security off for the login page and have it enabled for all others. Since I use security related tags in the header twig template that resulted in an error when calling the login page. Once I had figured out that the security setting doesn't deal with access but turns off the whole security extension I was able to get this right.
So mentioning this distinction in the documentation will probably help a lot for beginners to not make the same mistake. Regards, Dennis -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
