CODEWITHSUNDEEP
phpsecuritysymfony
Johnny
Johnny

Reputation: 578

Secure area in Symfony2

I have a question to the security features of Symfony2. I want to protect a special area of my application under the /my prefix.

My configuration looks like follows:

security.config:
    providers:
        my:
            entity: { class: MyUserBundle:User, property: username }

    firewalls:
        public:
            pattern: /my/login.*
            security: false

        my:
            pattern: /my.*
            form-login:
                check_path: /my/login_check
                login_path: /my/login
            logout: true

    access_control:
        - { path: /my/login.*, roles: IS_AUTHENTICATED_ANONYMOUSLY }

When I try to access the login area, everything works fine, submitting the form leads to an error page, because there is no registered controller for the _security_check route, like its described in the guide:

_security_login:
    pattern: /my/login
    defaults: { _controller: MyUserBundle:Auth:login }

_security_check:
    pattern: /my/login_check

I think normally the SecurityBundle hacks into this process so that no controller is needed. The configuration of Symfony2 is allways very complex.

I think I missed something, hope you can help.
Thanks in advance!

Upvotes: 1

Views: 2874

Answers (2)

1nstinct
1nstinct

Reputation: 1775

You have to define one firewall (that describes all routes) and determine secure zone using access_control part of settings.

Upvotes: 0

Johnny
Johnny

Reputation: 578

I solve the problem with the help of the symfony users mailing group.

Upvotes: 1

Related Questions