I'm using Symfony2 and having a little bit of a problem with authentication and access control in the Symfony firewall.
This is my security.yml:
security:
    encoders:
        test\UserBundle\Entity\User:
            algorithm: sha1
            encode_as_base64: false
            iterations: 1
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
    providers:
        administrators:
            entity: { class: UserBundle:User, property: email }
    firewalls:
        login_firewall:
            pattern: ^/login$
            anonymous: ~
            security: true
        admin_area:
            pattern: ^/cp|/(cp/.*|login_check)
            http_basic: ~
            form_login:
                login_path: _login
                check_path: login_check
                always_use_default_target_path: true
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY|ROLE_USER }
        - { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(booking/hotelsearchresult), roles: IS_AUTHENTICATED_ANONYMOUSLY }
The thing is, in this site there is no /admin path or a specific path for admin. Admin is defined by the role in each page, and the content of the pages is different according to user types. (That's bad, I know.)
It means I must have all users access to all pages except some, and if they log in, they get a different type of data.
But I have the following error:
When I log in and send the user to another path (which is not defined as a secured path), it does not show any credential information?!
What should I do to have and access the data with this structure?
Exactly what you wrote: if your path is not under a firewall, credential information isn't available there because the firewall won't cover it.
In your specific case, you will have access to credential information only on routes that start with /cp. What you probably want to do is define the firewall pattern as ^/, so that your firewall covers all paths on your website, and then use access_control or whatever method you use to check access permissions for a specific page.
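The layout the answer describes, written out as an added example (not part of the original answer): a single firewall whose pattern covers every path and allows anonymous visitors, with the restrictions moved into access_control. The firewall name `main` and the `^/cp` rule requiring ROLE_ADMIN are assumptions; the form_login values are copied from the question, and the encoders, role_hierarchy and providers sections are unchanged and omitted.

```yaml
# Added example. Firewall name "main" and the ^/cp rule are assumptions.
security:
    firewalls:
        main:
            pattern: ^/            # every request passes through this firewall
            anonymous: ~           # visitors who are not logged in still get a token
            http_basic: ~
            form_login:
                login_path: _login
                check_path: login_check
                always_use_default_target_path: true

    access_control:
        # Rules are checked top to bottom and the first matching path wins,
        # so restricted paths must come before the catch-all.
        - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/cp, roles: ROLE_ADMIN }    # assumption: /cp is admin-only
        - { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
```

With this layout, pages that stay open to everyone can still read the logged-in user's roles to decide which content to render.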