Thanks for your effort C :), I want to ask you something more:
If authentication is defined in the section "firewalls", why do you
say the line "/- { path: ^/admin, roles: ROLE_ADMIN }/ " becomes this
sentence: "Any URL matching /admin/* is secured, and only the admin
user can access it." ???
Javi
On Jun 6, 5:42 pm, Christophe COEVOET <s...@notk.org> wrote:
> Le 06/06/2011 17:31, Javier Garcia a �crit :
>
> > On Jun 6, 5:10 pm, Christophe COEVOET<s...@notk.org> wrote:
>
> >> This is defined in the access_control section which requires having the
> >> ROLe_ADMIN role to access all url starting by /admin (and the provider
> >> section tells you that the admin user has this role).
>
> > Thanks C, But the "access_control" section is about the authorization,
> > not about the security, isn't it?
>
> > I repeat my question..The manual says:
>
> > "Any URL matching /admin/* is secured, and only the admin user can
> > access it;"
>
> > In what line/s exactly is defined that?
>
> > Javi
>
> Well, authorization is part of the security (and it requires the
> authentication first). And as I said, this is defined by the
> access_control section by this line:
>
> /- { path: ^/admin, roles: ROLE_ADMIN }/
>
> --
> Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
