-# you can read more about security in the related section of the documentation
-# http://symfony.com/doc/current/book/security.html
security:
- # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
encoders:
- Symfony\Component\Security\Core\User\User: plaintext
+ Wallabag\CoreBundle\Entity\Users:
+ algorithm: sha1
+ encode_as_base64: false
+ iterations: 1
- # http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
ROLE_ADMIN: ROLE_USER
- ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
+ ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
- # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
- in_memory:
- memory:
- users:
- user: { password: userpass, roles: [ 'ROLE_USER' ] }
- admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
+ administrators:
+ entity: { class: WallabagCoreBundle:Users, property: username }
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
- # disables authentication for assets and the profiler, adapt it according to your needs
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- # the login page has to be accessible for everybody
- demo_login:
- pattern: ^/demo/secured/login$
- security: false
+ #wsse_secured:
+ # pattern: /api/.*
+ # wsse: true
+ login_firewall:
+ pattern: ^/login$
+ anonymous: ~
- # secures part of the application
- demo_secured_area:
- pattern: ^/demo/secured/
- # it's important to notice that in this case _demo_security_check and _demo_login
- # are route names and that they are specified in the AcmeDemoBundle
- form_login:
- check_path: _demo_security_check
- login_path: _demo_login
- logout:
- path: _demo_logout
- target: _demo
- #anonymous: ~
- #http_basic:
- # realm: "Secured Demo Area"
+# secured_area:
+# pattern: ^/
+# anonymous: ~
+# form_login:
+# login_path: /login
+#
+# use_forward: false
+#
+# check_path: /login_check
+#
+# post_only: true
+#
+# always_use_default_target_path: true
+# default_target_path: /
+# target_path_parameter: redirect_url
+# use_referer: true
+#
+# failure_path: null
+# failure_forward: false
+#
+# username_parameter: _username
+# password_parameter: _password
+#
+# csrf_parameter: _csrf_token
+# intention: authenticate
+#
+# logout:
+# path: /logout
+# target: /
- # with these settings you can restrict or allow access for different parts
- # of your application based on roles, ip, host or methods
- # http://symfony.com/doc/current/cookbook/security/access_control.html
access_control:
- #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
\ No newline at end of file
+ - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: ^/, roles: ROLE_USER }
projects / github / wallabag / wallabag.git / blobdiff