TechQA.

symfony2 skip urls from authentication

1.9k views Asked by At

I am developing APIs with symfony2 and I have implemented WSSE authentication. I need to skip authentication for some the URLs as they will be publically accessible. Publically accessible URLs has format like:

www.myserver.com/api/v1/public/testaction1
www.myserver.com/api/v1/public/testaction2

There is one more URL which is publically accessible, which is documentation for API:

www.myserver.com/api/doc/

Except the above-mentioned URLs all other action should come under authetication scheme, I tried tweaking URL pattern under firewall Config option as:

security.yml

 firewalls:
        wsse_secured:
            pattern:   ^/api/[^doc | ^v1\/public/].*

which doesn't seem to work, can you please help me with skipping these URLs from authentication? Am I missing the correct regular expression?

EDIT

Here is the access control section of my security.yml

access_control:
        - {path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY}
php regex symfony wsse
Original Q&A
1

There are 1 answers

3
Christophe Willemsen On BEST ANSWER

You'll need to add a specific firewall for anonymous access : 

firewalls:
  api:
    pattern: ^/api
  doc:
    pattern: ^/api/doc
    security: false
  public:
    pattern: ^/api/public
    security: false

Another option is to allow anonymous users to access these 2 firewalls, I don't know however if it will works with remote curl calls for e.g.

Related Questions in PHP

Related Questions in REGEX

Related Questions in SYMFONY

Related Questions in WSSE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions