Le 06/06/2011 17:31, Javier Garcia a écrit :
On Jun 6, 5:10 pm, Christophe COEVOET<s...@notk.org> wrote:
This is defined in the access_control section which requires having the
ROLe_ADMIN role to access all url starting by /admin (and the provider
section tells you that the admin user has this role).
Thanks C, But the "access_control" section is about the authorization,
not about the security, isn't it?
I repeat my question..The manual says:
"Any URL matching /admin/* is secured, and only the admin user can
access it;"
In what line/s exactly is defined that?
Javi
Well, authorization is part of the security (and it requires the
authentication first). And as I said, this is defined by the
access_control section by this line:
/- { path: ^/admin, roles: ROLE_ADMIN }/
--
Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en