Le 21/02/2011 20:50, Lemmi a écrit :
Big thanks for your help.
I'm sorry for that, but I don't understand your message. I allready
have an option for the check and login path under the "/my" prefix -
do I missed something?
The default check_path of the form listener is /login-check so you have
to change it in the configuration if you want to use /my/login-check
When I omit the firewall for the public area I get in an infinite loop
because he tries to redirect me to it self again and again. Do you
maybe have a sample configuration for this? What options do I have to
get a working "access_control" configuration.
You need to use the same firewall for the login pages and the securized
pages but you must of course allow the access to the login pages.
Here is my own security configuration.
As you can see I use a single firewall allowing anonymous authentication
(the simpliest as you need to be in the scope of the firewall without
being authenticated when checking the credentials) and I use the access
control map to restrict the access to the admin part of the site.
security:
encoders:
Tolkiendil\MainBundle\Security\User\MybbUser:
id: tolkiendil.security.encoder
providers:
main:
id: tolkiendil.security.provider
firewalls:
main:
pattern: /.*
form-login:
login_path: /login
use_forward: false
check_path: /login-check
failure_path: null
logout: true
anonymous: true
access_control:
- { path: /admin/.*, role: ROLE_USER }
- { path: /.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
--
Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
