Per-host Firewalls in Symfony2
https://stackoverflow.com/questions/8321335
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Is it possible to map firewalls to a given host, something like this for example:
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
admin:
pattern: ^/
host: admin.mysite.com
http_basic:
provider: in_memory
realm: 'MySite Admin'
logout:
main:
pattern: ^/
anonymous: ~
form_login:
provider: fos_userbundle
...
Note the fake "host" param under the admin firewall.
The ability to limit firewalls to particular hosts would make it easy to use providers on a per-host basis. With different domains one doesn't have to worry about overlapping patterns.
Solution
Per host routing has been added in 2.2, support for per-host firewalls were added in 2.4.
Fabien's blog post: http://symfony.com/blog/new-in-symfony-2-4-restrict-security-firewalls-to-specific-hosts
OTHER TIPS
Basically, pretty much any authentication scheme can be implemented with the given Security Concept. In your case you would probably need to define an EntryPoint that also check the host a user is coming from. However you should keep in mind, that the "host" information is not necessarily trustworthy and should probably not be your only measure of authentication.
If you want to find out how to implement an authentication scheme of your own, check out the form-login authentication scheme already provided in the framework bundle. A good place to start is the security factory (Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\FormLoginFactory) which handles the dynamic configuration and injection of all classes involved in the authentication scheme. Also check out the symfony book's section on security for a high level view of the security bundle's architecture.
