Symfony 2 security - not having secured area under a prefix

Question

Using Symfony 2 it's possible to create secured areas under a specific URL prefix. For example you could have a members area located under a 'members' prefix like so:

www.site.co.uk/members
www.site.co.uk/members/edit
www.site.co.uk/members/settings

Instead of doing this is it possible to put the whole app behind a firewall using / as the prefix? So the only pages visible to the public are the login and registration pages.

Anyone visiting www.site.co.uk who isn't logged in would see the login page. Once logged in visiting www.site.co.uk would show the app's home page instead. Both pages would be under the same route (/), you would just see one or the other depending on if you are logged in or not.

At the moment setting my firewall's pattern to / results in a redirect loop because my login form (which is under the homepage route '/') is then behind the firewall.

How do I got about implementing a login process as described above? Is it possible out of the box?

Thanks

score 0 · Accepted Answer · answered Aug 11 '13 at 18:08

0

Why nobody reads the part about access control?

security:
    firewalls:
        main:
            pattern: ^/
            # other settings
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }

answered Aug 11 '13 at 18:08

Emii Khaos

9,983
3
34
57

You would probably need to set `^/css` and `^/js` (and other root folder that everyone needs to be able to access for your site to work properly) to `IS_AUTHENTICATED_ANONYMOUSLY` too. – qooplmao Aug 12 '13 at 13:23

Symfony 2 security - not having secured area under a prefix

1 Answers1