Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- security:
- encoders:
- Symfony\Component\Security\Core\User\User: plaintext
- role_hierarchy:
- ROLE_ADMIN: ROLE_USER
- ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
- providers:
- in_memory:
- users:
- user: { password: userpass, roles: [ 'ROLE_USER' ] }
- admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
- # the naming of a security provider is up to you, we chose "fos_userbundle"
- fos_userbundle:
- id: fos_user.user_manager
- firewalls:
- profiler:
- pattern: ^/_profiler
- security: false
- wdt:
- pattern: ^/_wdt
- security: false
- login:
- pattern: ^/demo/secured/login$
- security: false
- secured_area:
- pattern: ^/demo/secured/
- form_login:
- check_path: /demo/secured/login_check
- login_path: /demo/secured/login
- logout:
- path: /demo/secured/logout
- target: /demo/
- #anonymous: ~
- #http_basic:
- # realm: "Secured Demo Area"
- main:
- pattern: .*
- form-login:
- provider: in_memory
- login_path: /login
- use_forward: false
- check_path: /login_check
- failure_path: null
- always_use_default_target_path: true
- default_target_path: /
- target_path_parameter: _target_path
- use_referer: false
- logout: true
- anonymous: true
- access_control:
- #- { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
- - { path: ^/$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/_css/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/_img/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/_js/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/twenty/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- # The WDT has to be allowed to anonymous users to avoid requiring the login with the AJAX request
- - { path: ^/_wdt/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/_profiler/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- # AsseticBundle paths used when using the controller for assets
- - { path: ^/js/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/css/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- # URL of FOSUserBundle which need to be available to anonymous users
- - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY } # for the case of a failed login
- - { path: ^/user/new$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/user/check-confirmation-email$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/user/confirm/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/user/confirmed$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/user/request-reset-password$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/user/send-resetting-email$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/user/check-resetting-email$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/user/reset-password/, role: IS_AUTHENTICATED_ANONYMOUSLY }
- # Secured part of the site
- # This config requires being logged for the whole site and having the admin role for the admin part.
- # Change these rules to adapt them to your needs
- - { path: ^/admin/, role: ROLE_ADMIN }
- - { path: ^/.*, role: ROLE_USER }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement