I have one page that is accessible by logged in and non-logged in
users and checks for certain roles in the controller code. In order
that $this->get('security.context') returns something I have the
following lines in my security.yml
mypage:
pattern: ^/shared_page
anonymous: true
When looking at mypage, I see in the web debug toolbar that I'm logged
in as an anonymous user. But when I change to a secured page, I see
that I'm loged in as a regular user. The problem with this is that I
have the line
if($securityContext-
>isGranted(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY)) {
// do anon stuff here
}
in the action for mypage which gets executed even if the user is
logged in as someone else. How can i avoid that?
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
