Thank you Christophe :)
I finally updated my routes, firewalls and my login form. So that with
a unique SecurityController, a unique loginAction, a unique
login.html.twig I can manage the connection in function of the
parameter passed in the route (panel or admin).
On May 11, 12:33 pm, Christophe COEVOET <s...@notk.org> wrote:
> Le 11/05/2011 10:23, chafik a �crit :
>
>
>
>
>
>
>
> > Hi,
>
> > I am developping a backend application based on Symfony 2 beta 1.
> > Two types of users can access my backend (Partner and Admin).
>
> > Both of them can connect to the backend with the form login, here is
> > my security.yml :
>
> > public:
> > pattern: ^/public/.*
> > security: false
>
> > panel:
> > provider: default
> > pattern: /panel/.*
> > form_login:
> > login_path: /panel/login
> > check_path: /security/authenticate
> > always_use_default_target_path: true
> > default_target_path: /panel/profile
> > use_referer: false
> > logout: true
>
> > admin:
> > provider: in_memory
> > pattern: /.*
> > form_login:
> > login_path: /admin/login
> > check_path: /security/authenticate
> > always_use_default_target_path: true
> > default_target_path: /admin/partners
> > use_referer: false
> > switch_user: { role: ROLE_SUPER_ADMIN, parameter:
> > letmebe }
> > logout: true
>
> > What I want is that each type of user has his own Provider (an entity
> > for Partner and in_memory for Administrator). The problem here is that
> > I have only one form for both of them, and /admin/login is dedicated
> > to Admin and /panel/login to Partner.
> > The problem is that the check_path is the same (/security/
> > authenticate) and is caught by the admin section of my security.yml
> > since it is supposed to catch all with the pattern "/.*".
>
> > So I can't log in with a Partner because when I come from /panel/
> > login, the Security says that I have to be logged in to access /
> > security/authenticate... No problem to connect with Admin.
>
> > I don't know if I am enough clear :)
> > Do one of you has an idea of how to resolve it ?
>
> > Thank you.
>
> Different firewalls don't share their authentication as they are
> *precisely* about doing the authentication, so using several ones means
> you want several authentication. So if you want to authenticate for a
> firewall, the check_path has to be in the scope of this firewall
> otherwise it cannot be called to authenticate the user.
> /security/authenticate does not trigger the panel firewall so it does
> not authenticate you
>
> --
> Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
