Questions tagged [symfony-security]

The Symfony security component is a standalone library that can be used outside of Symfony2 projects.

The Symfony security component provides a complete security system for your web application. It ships with facilities for authenticating using HTTP basic or digest authentication, interactive form login or X.509 certificate login, but also allows you to implement your own authentication strategies. Furthermore, the component provides ways to authorize authenticated users based on their roles, and it contains an advanced ACL system.

276 questions
0
votes
1 answer

Deny access to ROLE_ADMIN symfony

I work with Symfony 2.7 and FOSUserBundle 2.0. What I want is to allow access to /admin to ROLE_ADMIN user but to deny him other paths. # app/security.yml access_control: - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path:…
Leogout
0
votes
1 answer

firewall pattern with parameters on anonymous asking for login

I have a route that has a parameter and it's tripping my firewall thinking it needs to be logged in first. I tried to set up the pattern to use the name format as used in the route but it's still saying it requires authentication. Is there a special…
Eman
0
votes
2 answers

Use the chain provider defined from a service

I use multiple user providers in my app: security: providers: chain_provider: chain: providers: [entity, json] entity: id: myapp.entity.user_provider json: id:…
Pierre de LESPINAY
0
votes
1 answer

Custom Authentication doesn't authenticate the user correctly

I am setting my own custom authenticator in Symfony 2.6; however, I have got an issue. It doesn't authenticate my user correctly. It does authenticate successfully at first, then it fails. Here goes my security.yml security: encoders: …
dextervip
0
votes
1 answer

Can I use voters to DELETE item in a collection

I would like to use voters to enhance the security in my code. I want only some users to be able to delete collection of items. Here is my example: I have an Article and Tags associated to the Article. I want an author of the Article to be able to…
Alexis_D
0
votes
1 answer

What should be the default value for $security?

I'm working on this method: public function loginAction(Request $request, Security $security) { $session = $request->getSession(); $session->remove('admin_project_id'); if ($security->has(Security::AUTHENTICATION_ERROR)) { …
ReynierPM
0
votes
1 answer

Extend Symfony2 User object

In my data model I have two entities: "Companies" and "Clients". Companies represent companies I own and Clients are my clients. All Companies and Clients should have their own user account to login. Reading about Symfony2's security I created this…
BigJ
0
votes
1 answer

Session ends even if application is alive and people are working on it

I'm having a "weird" issue in an application I'm working on and so far I can't find a fix for this. The application uses Symfony2.6.x and relies on several Ajax calls. All the time requests are made through Ajax. So, when I login into the app (uses…
ReynierPM
0
votes
1 answer

Symfony2: allow all unmatched routes to be accessed anonymously

I have Symfony2 application separated into 2 bundles: BackendBundle for API and FrontendBundle for AngularJS "client". Everything works under firewall. BackendBundle has entities, handles API routes; FrontendBundle has Angular views, routing etc.…
Wirone
0
votes
1 answer

Always 403 denied access in Symfony 2 despite my user having the role in database

I always have 403 denied access, this is my security.yml security: role_hierarchy: Livreur: Livreur Producteur: Producteur Admin: Admin providers: fos_userbundle: id:…
0
votes
1 answer

Access to /admin, why any user logged into the system can access?

I have spent days trying to make this work and I can't, so as a last resort I hope anyone can help me here. The point is that my application, as every application, has a frontend which should be accessed by any user registered in the system except those that…
ReynierPM
0
votes
1 answer

Why the session is not cleared in Symfony's unsecured area?

I've implemented Symfony's security component as follows: $app['security.firewalls'] = array( 'unsecured_area' => array( 'pattern' => new RequestMatcher('^/log(in|out).*', null, 'GET') ) , 'secured_area' => array( …
Fractaliste
0
votes
1 answer

symfony2 security component issue

I have created a custom user provider in my Symfony 2.3 project. In function loadUserByUsername I am calling a webservice to authenticate my user. Now my problem is that I want to get the password which was entered in the login form. So I passed service…
Jaimin
0
votes
1 answer

Get current url within security.yml

In my requirement, a user receives an email with a url, once he clicks the user will be navigated to the url via an authentication process. So to redirect the user to the clicked url I am using the method mentioned here ( Pass parameters when…
Hasitha Shan
0
votes
0 answers

Symfony - Voter dependency conflict

I'm having an issue that I've been banging my head on the wall over for the last 3 days (and google/stackoverflow research didn't give much result). I'm currently maintaining an application developed by another developer (the original developer left).…