Why doesn't Symfony2 require authorization even after I set up security?

Question

Why doesn't Symfony2 require authorization even after I set up security?

This is my security setting for my Symfony2 project:

security: providers: main: users: asa: { pasword: test, roles: ROLE_USER } firewalls: application: pattern: /.* http_basic: true security: true logout: true

Despite the fact that I followed the documentation, configure the user, require authentication for the entire site, it still allows me to access it as an anonymous user. Logs say "Populated SecurityContext with anonymous token"

I am using the latest sandbox version where ".config" has been removed from "security.config"

+4

symfony

Asa ayers Feb 21 '11 at 7:01

source share

1 answer

Asa ayers · Accepted Answer · 2011-02-23T04:01:37+0000

This did not work because I was absent

 access_control: - { path: /.*, role: ROLE_USER }

Looking at the logs and some of the provider code, the firewall section tried to find my user, but without access_control he had no need to force me to be an anonymous user.

Why doesn't Symfony2 require authorization even after I set up security?

More articles: