
Can I mark a single URI endpoint as anonymous?


I have read the docs and followed this similar question:

Allow anonymous access to specific URL in symfony firewall protected bundle

Using Symfony 4.1.4 I have tried the following:

access_control:
  - { path: ^/rpi/service/application/quote/approve, roles: IS_AUTHENTICATED_ANONYMOUSLY}
  - { path: ^/rpi, roles: ROLE_USER }
  - { path: ^/erp, roles: ROLE_USER }

However, when I access the first URI as anonymous, I am prompted by the http_basic_ldap login screen. Any ideas?


Solution

  • You need

    anonymous: true
    

    in your firewall, as in the default configuration config/packages/security.yml:

    security:
        # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
        providers:
            in_memory: { memory: ~ }
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            main:
                anonymous: true
    

    Anonymous authentication means that the user is authenticated and has a token, but it is an anonymous token.

    If you do not have anonymous: true, the AnonymousAuthenticationListener will never run for your firewall, and never create an anonymous token.
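The question's rules combined with the answer's setting, as an added example that is not part of the original question or answer: a firewall that keeps `http_basic_ldap` for protected paths and still issues an anonymous token for the one open endpoint. The provider name, the LDAP DNs, the environment variable and the trailing `$` on the open path are assumptions made for illustration.

```yaml
# config/packages/security.yaml
# Added example; LDAP values below are placeholders, not taken from the page.
security:
    providers:
        ldap_users:                                   # hypothetical provider name
            ldap:
                service: Symfony\Component\Ldap\Ldap
                base_dn: 'dc=example,dc=com'          # placeholder
                search_dn: 'cn=readonly,dc=example,dc=com'       # placeholder
                search_password: '%env(LDAP_SEARCH_PASSWORD)%'   # hypothetical env var
                default_roles: ROLE_USER
                uid_key: uid

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            # Without this, no anonymous token is created, so even a path whose
            # rule asks only for IS_AUTHENTICATED_ANONYMOUSLY gets the login challenge.
            anonymous: true
            http_basic_ldap:
                service: Symfony\Component\Ldap\Ldap
                dn_string: 'uid={username},dc=example,dc=com'    # placeholder

    access_control:
        # Rules are checked top to bottom and the first matching path wins,
        # so the anonymous exception must stay above the broader ^/rpi rule.
        # The trailing $ (an assumption: the endpoint is exactly this path)
        # keeps the exception from also covering longer URIs that merely
        # start with the same prefix.
        - { path: ^/rpi/service/application/quote/approve$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/rpi, roles: ROLE_USER }
        - { path: ^/erp, roles: ROLE_USER }
```

Keeping the anonymous exception as narrow as the endpoint requires limits how much of `/rpi` is reachable without LDAP credentials.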