If not in IP list, use http_basic

Question

Is it possible to make it so Symfony will ask for http_basic authentification only if the client IP isn't in the list of the firewall?

If yes, can someone provide me a clear small example on how to do it?

score 1 · Answer 1 · answered Aug 14 '18 at 10:17

You can do this with access_control:

security:
    # ...

    firewalls:
        main: 
            anonymous: ~
            http_basic: ~

    access_control:
        - { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY,  ip: 127.0.0.1 }
        - { path: ^/, roles: ROLE_USER }

If not in IP list, use http_basic

1 Answers1