Chopchop
Reputation: 2949
Reject anonymous connection except for some url
I need to deny anonymous connections except for some url.
firewalls:
install:
pattern: ^/install/.*
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
login_path: /login
check_path: /login_check
use_forward: true
always_use_default_target_path: true
default_target_path: /
post_only: true
logout: true
anonymous: ~
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login_check, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/install/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/*, roles: ROLE_USER }
It sounds like the line "- { path: ^/*, roles: ROLE_USER }" does the job, but override my firewall "Install" cause they share the same root (pattern /).
How can i do?
Upvotes: 0
Views: 547
Answers (1)
AdrienBrault
Reputation: 7745
One quick way would be to exclude the /install path from your main firewall:
firewalls:
install:
pattern: ^/install/.*
security: false
main:
pattern: ^/(?!install/)
...
Upvotes: 1
Related Questions
- How to block url when the user has not verified their account ? (Symfony 6)
- Allow anonymous access to specific URL in Symfony firewall protected bundle
- Symfony, allow access to all routes, except one (or two)
- Prevent route access
- symfony 3 - how to allow unauthenticated access to a URL prefix
- Symfony2 allow anonymous for certain routes with certain methods
- custom authentication for certain urls in symfony
- Symfony2 security allowing all URLs and not blocking anything
- Symfony2 and anonymous access to some route
- How to decline user authentication request depending on its ip address in Symfony2