-# you can read more about security in the related section of the documentation
-# http://symfony.com/doc/current/book/security.html
security:
- # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
encoders:
- Symfony\Component\Security\Core\User\User: plaintext
+ Wallabag\CoreBundle\Entity\Users:
+ algorithm: sha1
+ encode_as_base64: false
+ iterations: 1
- # http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
ROLE_ADMIN: ROLE_USER
- ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
+ ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
- # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
- in_memory:
- memory:
- users:
- user: { password: userpass, roles: [ 'ROLE_USER' ] }
- admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
+ administrators:
+ entity: { class: WallabagCoreBundle:Users, property: username }
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
- # disables authentication for assets and the profiler, adapt it according to your needs
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- # the login page has to be accessible for everybody
- demo_login:
- pattern: ^/demo/secured/login$
- security: false
-
- # secures part of the application
- demo_secured_area:
- pattern: ^/demo/secured/
- # it's important to notice that in this case _demo_security_check and _demo_login
- # are route names and that they are specified in the AcmeDemoBundle
+ #wsse_secured:
+ # pattern: /api/.*
+ # wsse: true
+ login_firewall:
+ pattern: ^/login$
+ anonymous: ~
+
+ secured_area:
+ pattern: ^/
+ anonymous: ~
form_login:
- check_path: _demo_security_check
- login_path: _demo_login
+ login_path: /login
+
+ use_forward: false
+
+ check_path: /login_check
+
+ post_only: true
+
+ always_use_default_target_path: true
+ default_target_path: /
+ target_path_parameter: redirect_url
+ use_referer: true
+
+ failure_path: null
+ failure_forward: false
+
+ username_parameter: _username
+ password_parameter: _password
+
+ csrf_parameter: _csrf_token
+ intention: authenticate
+
logout:
- path: _demo_logout
- target: _demo
- #anonymous: ~
- #http_basic:
- # realm: "Secured Demo Area"
-
- # with these settings you can restrict or allow access for different parts
- # of your application based on roles, ip, host or methods
- # http://symfony.com/doc/current/cookbook/security/access_control.html
+ path: /logout
+ target: /
+
access_control:
- #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
\ No newline at end of file
+ - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: ^/, roles: ROLE_USER }
projects / github / wallabag / wallabag.git / blobdiff