Le 14/06/2011 16:30, Christophe Bord a écrit :
Hi all,
I was testing the security section from the current documentation but
i ran into some trouble.
http://symfony.com/doc/current/book/security.html
Beneath "avoid common pitfalls"
2. Be sure the login page isn't secure
I tried the describded pitfall
access_control:
- { path: ^/, roles: ROLE_ADMIN }
which relsults in a redirect loop.
Then the documentation presents a fix.
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_ADMIN }
My problem is that, at this point, the resulting form appears
"double". 2 forms.
my security.yml :
security:
firewalls:
login_firewall:
pattern: ^/authentification$
anonymous: ~
secured_area:
pattern: ^/
form_login:
login_path: /authentification
check_path: /authentification_verif
access_control:
- { path: ^/authentification, roles:
'IS_AUTHENTICATED_ANONYMOUSLY' }
- { path: ^/, roles: 'ROLE_ADMIN' }
providers:
in_memory:
users:
admin: { password: toto1512, roles: 'ROLE_ADMIN' }
Have someone any Idea which could explain this ?
Thanks,
You are requiring the authentication for the url of the Ajax call done
to load the web debug toolbar.
--
Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en