Symfony security basic authentication

6
votes

From the symfony book http://symfony.com/doc/current/book/security.html#security-authorization I'm trying to set up the basic http authentication.

The security.yml file looks like this:

security:
    providers:
        in_memory:
            memory: ~

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false

        default:
            anonymous: ~
            http_basic: ~

        access_control:
            - { path: ^/login, roles: ROLE_USER }

But as soon as I add

    access_control:
        - { path: ^/login, roles: ROLE_USER }

I get a symfony error saying: 

InvalidConfigurationException in ArrayNode.php line 309:
Unrecognized option "0" under "security.firewalls.access_control"

What am I doing wrong? What to do to fix it?

2
phpsymfony

2 Answers

24
votes

Your indentation isn't good

access_control key can't stay under firewalls node

You should modify your security.yml as follows

security:
    providers:
        in_memory:
            memory: ~

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false

        default:
            anonymous: ~
            http_basic: ~

    access_control:
        - { path: ^/login, roles: ROLE_USER }
2
votes

Remember that if you require ROLE_USER to your /login path then an unauthorised user can't login to your app.