Access Control regex symfony 2

I need help to configure the access control part of my symfony website. I want the access for everyone for :

/ : the homepage
/login : the login page
/login_check : the check login page for FOSUserBundle
/register : the register page of FOSUserBundle
/resetting/request : the resetting password page of FOSUserBundle

And I want the user authenticated for all the rest, for example : /abc, /xxx, /yy/xx ...etc

I put this in security.yml, but it don't work, the user have full access to all in all case :

access_control:    
        - { path: /_wdt/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /_profiler/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /login_check, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /resetting/request, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /*, role: IS_AUTHENTICATED_FULLY }

What's the problem ?

Thanks ;)

Answers


the problem is that you're missing a period in the last line:

      - { path: /*, role: IS_AUTHENTICATED_FULLY }
              ^^^^^

/* means zero or more slashes (/) .. .it should be /.* to indicate anything followed by a slash

Correct entry should be something like:

      - { path: /.*, role: IS_AUTHENTICATED_FULLY }

Strange using of acls. acl regex is much more simpler. ^ marks the beginning of the url. $ marks the end of the matching url. if no $ is present, all after the "regex" matches. no asterisk at all. Oh, and login_check should be secured

access_control:
    - { path: ^/$, role: IS_AUTHENTICATED_ANONYMOUSLY }  
    - { path: ^/_wdt, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/_profiler, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, role: IS_AUTHENTICATED_FULLY }

Need Your Help

Spring comma separated list of bean references

java spring

In Spring, is it possible to feed a comma separated list of bean references into another bean, ideally without any custom property editors. This list comes from a placeholder that I have no control...

SimpleInjector Verification - is it possible to mark warnings as acceptable to make *new* items obvious?

c# dependency-injection inversion-of-control simple-injector

The SimpleInjector verification feature from time to time has highlighted issues that I have needed to fix. I do however have a couple of "potential" issues that I am comfortable with and I would l...

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.