Le 11/05/2011 21:30, thesaint a écrit :
this role is granted to all users as there is an inheritance in the status. Allowing only anonymous users somewhere does not make sense. so the way to check if the user is anonymous is to check if it is *not* remembered.I have one page that is accessible by logged in and non-logged in users and checks for certain roles in the controller code. In order that $this->get('security.context') returns something I have the following lines in my security.ymlmypage: pattern: ^/shared_page anonymous: true When looking at mypage, I see in the web debug toolbar that I'm logged in as an anonymous user. But when I change to a secured page, I see that I'm loged in as a regular user. The problem with this is that I have the line if($securityContext-isGranted(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY)) {// do anon stuff here } in the action for mypage which gets executed even if the user is logged in as someone else. How can i avoid that?
-- Christophe | Stof -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
