Thanks for your effort C :), I want to ask you something more: If authentication is defined in the section "firewalls", why do you say the line "/- { path: ^/admin, roles: ROLE_ADMIN }/ " becomes this sentence: "Any URL matching /admin/* is secured, and only the admin user can access it." ???
Javi On Jun 6, 5:42 pm, Christophe COEVOET <s...@notk.org> wrote: > Le 06/06/2011 17:31, Javier Garcia a �crit : > > > On Jun 6, 5:10 pm, Christophe COEVOET<s...@notk.org> wrote: > > >> This is defined in the access_control section which requires having the > >> ROLe_ADMIN role to access all url starting by /admin (and the provider > >> section tells you that the admin user has this role). > > > Thanks C, But the "access_control" section is about the authorization, > > not about the security, isn't it? > > > I repeat my question..The manual says: > > > "Any URL matching /admin/* is secured, and only the admin user can > > access it;" > > > In what line/s exactly is defined that? > > > Javi > > Well, authorization is part of the security (and it requires the > authentication first). And as I said, this is defined by the > access_control section by this line: > > /- { path: ^/admin, roles: ROLE_ADMIN }/ > > -- > Christophe | Stof -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en