Le 10/12/2011 14:44, Adam a écrit :
When I do something like this in security.yml:
firewalls:
secured_api:
pattern: ^/API/.*
stateless: true
http_basic:
provider: in_memory
My first symfony response contains coockie but it should not because I
put stateless: true?
Here is my response header:
HTTP/1.0 401 A Token was not found in the SecurityContext.
Date: Sat, 10 Dec 2011 13:36:05 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8r DAV/2 PHP/
5.3.6
X-Powered-By: PHP/5.3.6
Set-Cookie: PHPSESSID=5dda93897d4ca5dbc3c38a8dcb94d909; path=/
cache-control: no-cache
www-authenticate: Basic realm="Secured Area"
x-debug-token: 4ee360456f66b
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
Adam
Are you auto-starting the session in your FrameworkBundle configuration
? If yes, it is logical to start a session (and so to send a session
cookie).
--
Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to symfony-devs@googlegroups.com
To unsubscribe from this group, send email to
symfony-devs+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
