0

I have the following configuration options for my Symfony 2.6 application:

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        secured_area:
            pattern:    ^/
            stateless:  true
            http_basic:
                realm: "Some text here"

    providers:
        in_memory:
            memory:
                users:
                    user1:  { password: pass1 }
                    user2: { password: pass2 }

As you can see I have 2 users that can access pretty much any route.

What I want is to extend this permission and allow access to anyone who provides some non-empty values as username/password.

For example, user1/pass1 would still work, but so would someone/mypassword or anyone/blabla and so on. Basically an infinite combination of usernames and passwords, as long as some values are provided.

How can I change the above configuration to do what I want ?

I went through pretty much all of Symfony's security documentation and played around with a lot of the stuff in there, none of which worked. The one solution which I haven't tried is writing my own authentication provider, but it looks very complex and hard to do correctly and could be a huge waste of time if there is a way simpler solution (which I can't find at-the-moment).

Radu Murzea
  • 10,724
  • 10
  • 47
  • 69

1 Answers1

0

Like you already mention, you'd have to set up your own authentication provider.

http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html

Luke
  • 20,878
  • 35
  • 119
  • 178
  • Damn, exactly what I was trying to avoid. OK, I will give it a shot. If it works, I will post the code here, maybe it will help another lost soul who has the same problem. Thanks for your answer :) . – Radu Murzea Oct 01 '15 at 11:26