b85411
Reputation: 10000
How to make some pages not require authentication in Symfony
Currently, any page I go to in my Symfony2 web app well direct the user to log in (if they aren't already logged in). This is okay - except there is one set of pages (my webservices, which will be under /webservice/*) which I don't want to force authentication from. Because it is a JSON webservice that will not be user facing, obviously I don't want it trying to redirect to a log in form.
This is my current security.yml firewall:
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/$
security: false
secured_area:
pattern: ^/
form_login:
check_path: my_app_authentication_login
login_path: my_app_authentication_homepage
username_parameter: form[username]
password_parameter: form[password]
default_target_path: my_app_task_homepage
always_use_default_target_path: true
logout:
path: my_app_authentication_logout
target: my_app_authentication_homepage
What do I have to do to make /webservice/* exempt from authentication?
Upvotes: 1
Views: 1152
Answers (1)
Tomasz Madeyski
Reputation: 10890
You need to add to your security.yml file (this must be before your secured_area, order matters):
your_whatever_name:
pattern: ^/webservice/
security: false
Check doc for more info
Upvotes: 5
Related Questions
- How to deny access to all pages in Symfony 2
- custom authentication for certain urls in symfony
- Symfony open a default page for restricted access
- What is the proper way to prevent not logged in users to acces specific pages
- Symfony, put all pages behind login
- Symfony secured pages
- Force user login in Symfony 2
- Symfony2: login from each page
- URL of page that required login in Symfony2
- Bypassing authentication on Symfony2 "welcome" page