
Configuring basic HTTP browser-based authentication in my Symfony 2 application - HTTP auth login not displaying


I am attempting to set up basic HTTP browser-based authentication for a section of my Symfony 2 application called /secret.

I would like the /secret page to be publicly accessible, but any page below /secret such as /secret/landing would be behind a SF2 firewall.

When I go to /secret (or any of its child pages) I get redirected to my application's /login page instead, and I can't see why.

security:
    providers:
        sylius_user_provider:
            id: sylius.user_provider.name_or_email
        in_memory:
            memory:
                users:
                    secret:
                        password: secret
                        roles: 'ROLE_SECRET'

    encoders:
        Symfony\Component\Security\Core\User\User: plaintext

    firewalls:
        main:
            switch_user: { role: ROLE_ADMINISTRATION_ACCESS }
            context:     user
            pattern:     /.*
            form_login:
                provider: sylius_user_provider
                login_path: /login
                check_path: /login_check
                failure_path: /login
                default_target_path: /
                use_forward:  false
                use_referer: true
            remember_me:
                key: %sylius.secret%
                name: APP_REMEMBER_ME
                lifetime: 31536000
                always_remember_me: true
                remember_me_parameter: _remember_me
            oauth:
                resource_owners:
                    facebook: "/login/check-facebook"
                    google:   "/login/check-google"
                    amazon:   "/login/check-amazon"
                login_path:   /login
                failure_path: /login
                oauth_user_provider:
                    service: sylius.oauth.user_provider
            logout: true
            anonymous: true

        secret:
            pattern: ^/secret/.*
            http_basic: ~
            provider: in_memory
            context: secret

    access_control:
        - { path: ^/secret/.*, roles: ROLE_SECRET }

Solution

  • In the event it helps someone in future, this is what I did in security.yml:

    firewalls:
        secret:
            pattern: ^/secret/$
            anonymous: true
    
        secret_secured:
            pattern: ^/secret/.*$
            http_basic: ~
            provider: in_memory
            context: secret
    
    
    access_control:
        - { path: ^/secret, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/secret/.*, roles: ROLE_SECRET }
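
Symfony picks the first firewall whose pattern matches the request path, and the first access_control rule whose path matches, so order decides the outcome in both lists. The Python below is an added example, not part of the original post or Symfony's code; it models that first-match rule with the patterns from this page. The position of `main` in the solution, the reordered access rules and the sample paths are assumptions.

```python
import re

def first_match(rules, path):
    """Return the name of the first rule whose pattern matches, else None.

    Models top-to-bottom, first-match-wins evaluation with an unanchored
    regex search, so a pattern without '^' matches anywhere in the path.
    """
    for name, pattern in rules:
        if re.search(pattern, path):
            return name
    return None

# Firewalls in the order posted in the question: "main" comes first.
QUESTION_FIREWALLS = [
    ("main", r"/.*"),
    ("secret", r"^/secret/.*"),
]

# Firewalls from the solution; "main" placed last is an assumption, since
# the answer does not show where it sits.
SOLUTION_FIREWALLS = [
    ("secret", r"^/secret/$"),
    ("secret_secured", r"^/secret/.*$"),
    ("main", r"/.*"),
]

# access_control exactly as posted in the solution.
SOLUTION_ACCESS = [
    ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/secret"),
    ("ROLE_SECRET", r"^/secret/.*"),
]

# Hypothetical reordering: specific rule first, ".+" keeps "/secret/" public.
REORDERED_ACCESS = [
    ("ROLE_SECRET", r"^/secret/.+"),
    ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/secret"),
]

def trace(path):
    """Return which firewall and access rule each configuration selects."""
    return {
        "question_firewall": first_match(QUESTION_FIREWALLS, path),
        "solution_firewall": first_match(SOLUTION_FIREWALLS, path),
        "solution_role": first_match(SOLUTION_ACCESS, path),
        "reordered_role": first_match(REORDERED_ACCESS, path),
    }

if __name__ == "__main__":
    for p in ("/secret", "/secret/", "/secret/landing"):  # constructed sample paths
        print(p, trace(p))
```

With the question's order, `/secret/landing` is claimed by `main`, whose form_login sends the browser to /login. In the access_control list as posted in the solution, every path under /secret resolves to the anonymous rule before the ROLE_SECRET line is reached.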