12

With this configuration:

firewalls:
    login:
        pattern:  ^/login$
        anonymous:  ~
        security: false

    foo:
        pattern:   ^/foo$
        anonymous: ~
        security: false

    secured_area:
        pattern:    ^/
        form_login:
            login_path: /login
            check_path: /login_check
        logout:
            path:   /logout
            target: /

access_control:
    - { path: ^/, roles: ROLE_ADMIN }
    - { path: ^/foo, roles: IS_AUTHENTICATED_ANONYMOUSLY }

I want to be able to make /foo anonymously accessible. However, when I try to go there even after clearing the cache it won't allow me to and redirects to login screen.

How do I make one route to be anonymously accessible while retaining the rest of the system to be secured?

j0k
  • 22,600
  • 28
  • 79
  • 90
Tower
  • 98,741
  • 129
  • 357
  • 507

1 Answers1

16

Replace

- { path: ^/foo, roles: IS_ANONYMOUS }

with

- { path: ^/foo, roles: IS_AUTHENTICATED_ANONYMOUSLY }

UPDATE

Also, I believe, you will have to add

- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }

for authentication to work properly.

For more info check out Avoid Common Pitfalls section here.

Molecular Man
  • 22,277
  • 3
  • 72
  • 89
  • Ok question update and I tried it, but it still redirects to login (I did clear the cache as well). – Tower Feb 27 '12 at 09:15
  • Okay looked liked it just did not work for `dev` environment for some reason. – Tower Feb 27 '12 at 09:18
  • @rFactor, it's hard to tell what's wrong now. Try to find clue in logs. – Molecular Man Feb 27 '12 at 09:30
  • I'm having the same issue, my firewall won't allow anonymous on the one route in dev - the problem is we are only planning on using that route in dev. Did you figure out what was causing it? – Jessica Oct 09 '13 at 15:04
  • @Jessica did you try to switch the order of the access_control rules? – dlondero Oct 15 '13 at 08:21