I have a question to the security features of Symfony2. I want to
protect a special area of my application under the "/my" prefix.
My configuration looks like follows:
- - -
security.config:
providers:
my:
entity: { class: MyUserBundle:User, property: username }
firewalls:
public:
pattern: /my/login.*
security: false
my:
pattern: /my.*
form-login:
check_path: /my/login_check
login_path: /my/login
logout: true
access_control:
- { path: /my/login.*, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- - -
When I try to access the login area, everything works fine, submitting
the form leads to an error page, because there is no registered
controller for the "_security_check" route, like its described in the
guide (http://docs.symfony-reloaded.org/master/guides/security/
authentication.html#form-based-authentication):
- - -
_security_login:
pattern: /my/login
defaults: { _controller: MyUserBundle:Auth:login }
_security_check:
pattern: /my/login_check
- - -
I think normally the SecurityBundle hacks into this process so that no
controller is needed. The configuration of Symfony2 is allways very
complex.
I think I missed something, hope you can help.
Thanks in advance!
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
