Yes, I am. Thanks for clarification. Adam
On 10 Gru, 14:58, Christophe COEVOET <s...@notk.org> wrote: > Le 10/12/2011 14:44, Adam a crit : > > > > > > > > > When I do something like this in security.yml: > > > firewalls: > > secured_api: > > pattern: ^/API/.* > > stateless: true > > http_basic: > > provider: in_memory > > > My first symfony response contains coockie but it should not because I > > put stateless: true? > > Here is my response header: > > > HTTP/1.0 401 A Token was not found in the SecurityContext. > > Date: Sat, 10 Dec 2011 13:36:05 GMT > > Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8r DAV/2 PHP/ > > 5.3.6 > > X-Powered-By: PHP/5.3.6 > > Set-Cookie: PHPSESSID=5dda93897d4ca5dbc3c38a8dcb94d909; path=/ > > cache-control: no-cache > > www-authenticate: Basic realm="Secured Area" > > x-debug-token: 4ee360456f66b > > Content-Length: 0 > > Connection: close > > Content-Type: text/html; charset=UTF-8 > > > Adam > > Are you auto-starting the session in your FrameworkBundle configuration > ? If yes, it is logical to start a session (and so to send a session > cookie). > > -- > Christophe | Stof -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to symfony-devs@googlegroups.com To unsubscribe from this group, send email to symfony-devs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
