Allow anonymous access to specific URL in Symfony firewall protected bundle

StackOverflow https://stackoverflow.com/questions/22406764

  •  14-06-2023
  •  | 
  •  

Question

I have a Symfony bundle which can only be accessible by using mydomain.com/box

To access /box you must be logged in, however i would like to enable anonymous access into mydomain.com/box/download

# Security.yml
access_control:
    - { path: ^/box , roles: ROLE_USER}

How can i do ?

Was it helpful?

Solution 

# security.yml
access_control:
    - { path: ^/box/download , roles: IS_AUTHENTICATED_ANONYMOUSLY}
    - { path: ^/box , roles: ROLE_USER}

Symfony2 firewalls are processed in order, and only first matching one will be applied. Therefore, if you put the /box/download before /box, the /box/download rule will be processed and the rest will be ignored.

http://symfony.com/doc/current/book/security.html

OTHER TIPS

Symfony 6

As of Symfony 6 you need to use the role PUBLIC_ACCESS instead of IS_AUTHENTICATED_ANONYMOUSLY.

https://symfony.com/doc/6.0/security.html#allowing-unsecured-access-i-e-anonymous-users

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top