X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=app%2Fconfig%2Fsecurity.yml;h=37236d403a92d27e0d489be7db47310fb9966af5;hb=9948d899d3671809e1608788beee9834acbf870e;hp=e161c3b53b911f70f77443f51c30609fa52263ff;hpb=cbce162b407024882d8c37a7e3298c85175d2651;p=github%2Fwallabag%2Fwallabag.git

diff --git a/app/config/security.yml b/app/config/security.yml
index e161c3b5..37236d40 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -16,9 +16,11 @@ security:
     # the main part of the security, where you can set up firewalls
     # for specific sections of your app
     firewalls:
-        #wsse_secured:
-        #    pattern:   /api/.*
-        #    wsse:      true
+        wsse_secured:
+            pattern:      /api/.*
+            wsse:         true
+            stateless:    true
+            anonymous:    true
         login_firewall:
             pattern:    ^/login$
             anonymous:  ~
@@ -54,6 +56,9 @@ security:
                 target: /
 
     access_control:
+        - { path: ^/api/salt, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/, roles: ROLE_USER }