Re: [symfony-users] [Symfony2] is_granted() results in error when not logged in

Mon, 28 Mar 2011 14:24:46 -0700 

Is it maybe due to ACL heriarchy ?

I suggest you to try to inverse the ACL like:
access_control:
        - { path: /.*, roles: ROLE_USER }
        - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }


What I notice is that /*. match /login so they collide.


2011/3/28 Dennis Jacobfeuerborn <djacobfeuerb...@gmail.com>

> That's what I suspect but the question is how I got out of the scope of a
> firewall?
>
> security:
>     encoders:
>         Symfony\Component\Security\Core\User\User:
>             algorithm: sha1
>             encode-as-base64: false
>             iterations: 1
>
>     role_hierarchy:
>         ROLE_ADMIN:       ROLE_USER
>         ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
>
>     providers:
>         in_memory:
>             users:
>                 admin: { password:
> 9af2785afcfdd303af47fa698c6000fb731a772d, roles: [ 'ROLE_ADMIN' ] }
>
>     firewalls:
>         profiler:
>             pattern:  /_profiler.*
>             security: false
>
>         wdt:
>             pattern:  /_wdt.*
>             security: false
>
>         login:
>             pattern:  /login
>             security: false
>
>         secured_area:
>
>             pattern:    /.*
>             form_login:
>                 check_path: /login_check
>                 login_path: /login
>             logout:
>                 path:   /logout
>                 target: /login
>             anonymous: true
>             #http_basic:
>             #    realm: "Secured Demo Area"
>
>     access_control:
>         - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
>         - { path: /.*, roles: ROLE_USER }
>
>
>  --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com
>
> You received this message because you are subscribed to the Google
> Groups "symfony users" group.
> To post to this group, send email to symfony-users@googlegroups.com
> To unsubscribe from this group, send email to
> symfony-users+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/symfony-users?hl=en
>

-- 
If you want to report a vulnerability issue on symfony, please send it to 
security at symfony-project.com

You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en

Reply via email to