Le 12/05/2011 13:47, thesaint a écrit :
Ah, thanks. So then let me rephrase my question: How do I configure
firewalls in security.yml for a page that allows authenticated users
but also showing content to anonymous users? How Do I configure it in
a way that the regular user info takes precedence to the anonymous
info?
I have tried the following:
mypage:
pattern: ^/shared_page
form_login:
check_path: /logincheck
login_path: /login
logout:
path: /logout
target: /
anonymous:
But still got the anonymous user back.
If the user is still authenticated, it never got an anonymous token but
always its authenticated token. The anonymous listener is used last,
when all other way to authenticate the user have failed.
The issue in your case is that the check_path (/logincheck) is not
catched by the firewall as it does not match the pattern of the firewall
(/shared_page/*). So you are never authenticated against this firewall.
You will have the same issue with the logout listener.
I advice you to look at the new version of the Security doc in the
dedicated branch of the symfony-docs repo. It explains it better than
the current doc (but it is not yet completed).
--
Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en