Remove access control for only signup page - symfony2

StackOverflow https://stackoverflow.com/questions/20918689

  •  24-09-2022
  •  | 
  •  

Question

My access control field in security.yml looks like

access_control:
        - { path: ^/, roles: ROLE_ADMIN }

That means I want to control access for every page on the app. So if anyone trying to access

http://localhost/example/web/app_dev.php/

will be redirected to login page. But my signup page is also there. Login page contains a Signup button. So when I redirect someone to signup page, it triggers access control and redirect to the same login page. That means

http://localhost/example/web/app_dev.php/signup

this can't be accessed.

How can I allow user to access only signup page and not any other pages??

Was it helpful?

Solution

Try to use exclusion pattern like (?!exclude)

access_control:
    - { path: ^/(?!signup), roles: ROLE_ADMIN }

But as for symfony2, signup page you must to exclude at firewall config:

firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    secured_area:
        pattern: ^/(?!signup)
        anonymous: false
        form_login:
            always_use_default_target_path: true
            default_target_path: /
            check_path: /auth_check
            login_path: /signup/
        logout:
            path:   /logout
            target: /signup/

access_control:
    - { path: ^/, roles: ROLE_ADMIN }
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top