|
1 |
| -.. note:: |
2 |
| - |
3 |
| - This documentation is under construction, more to come soon |
4 |
| - |
5 |
| - |
6 |
| - |
7 | 1 | Security
|
8 | 2 | ========
|
9 | 3 |
|
10 | 4 | Features
|
11 |
| -~~~~~~~~ |
12 |
| - |
13 |
| - - Insert here the different feature available for this plugin |
| 5 | +-------- |
14 | 6 |
|
15 |
| -Configuration |
16 |
| -~~~~~~~~~~~~~ |
17 |
| - |
18 |
| - - Insert the yaml configuration for the DI |
| 7 | + - Add security and access control to your application |
| 8 | + - The current implementation is based on the `Security Component`_ from the Symfony2 framework. |
19 | 9 |
|
20 |
| -.. code-block:: yaml |
| 10 | +.. note:: |
21 | 11 |
|
22 |
| - element.plugins.cache: |
23 |
| - cache_control: |
24 |
| - - { "path": "^.*\\.(txt|jpg|png|gif|xls|doc|docx)$", "Cache-Control": ['public', 's-maxage=14212800']} |
25 |
| - - { "path": "^(blog|gallery).*", "Cache-Control": ['public', 's-maxage=3600']} |
26 |
| - - { "path": "^.*\\.rss", "Cache-Control": ['public', 's-maxage=3600']} |
27 |
| - - { "path": "^contact.*", "Cache-Control": ['private', 'must-revalidate']} |
28 |
| - - { "path": "^/$", "Cache-Control": ['public', 's-maxage=3600']} |
| 12 | + For now, there is only one authentication implemented: the http basic. |
29 | 13 |
|
30 |
| -Events |
31 |
| -~~~~~~ |
| 14 | +Configuration |
| 15 | +------------- |
32 | 16 |
|
33 |
| - - List event or entry points for this plugin |
| 17 | +There is no configuration option. You only need to enable the plugin by adding this line into the IoC configuration file. |
34 | 18 |
|
35 |
| -Architecture |
36 |
| -~~~~~~~~~~~~ |
| 19 | +.. code-block:: yaml |
37 | 20 |
|
38 |
| - - Provide information about how the feature is implemented |
| 21 | + element.plugins.security: |
| 22 | + role_hierarchy: |
| 23 | + ROLE_PUBLIC: [IS_AUTHENTICATED_ANONYMOUSLY] |
| 24 | + ROLE_ADMIN: [ROLE_PUBLIC, ROLE_USER] |
| 25 | +
|
| 26 | + providers: |
| 27 | + in_memory: |
| 28 | + users: |
| 29 | + - {'username': 'admin', 'password': 'admin', roles: ['ROLE_ADMIN']} |
| 30 | +
|
| 31 | + firewalls: |
| 32 | + private: |
| 33 | + pattern: ^/(admin|api)(.*) |
| 34 | + http_basic: |
| 35 | + provider: element.plugins.security.provider.in_memory |
| 36 | + # login_path: /admin/login |
| 37 | + # use_forward: false |
| 38 | + # check_path: /admin/login_check |
| 39 | + # failure_path: null |
| 40 | + # logout: |
| 41 | + # path: /admin/logout |
| 42 | + anonymous: false # allow anonymous connection |
| 43 | +
|
| 44 | + public: |
| 45 | + pattern: "^/.*" |
| 46 | + anonymous: true # allow anonymous connection |
| 47 | +
|
| 48 | + access_control: |
| 49 | + - { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY } |
| 50 | + - { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY } |
| 51 | + - { path: ^/admin/login-check$, role: IS_AUTHENTICATED_ANONYMOUSLY } |
| 52 | + - { path: ^/(admin|api), role: ROLE_ADMIN } |
| 53 | + - { path: ^/.*, role: ['IS_AUTHENTICATED_ANONYMOUSLY'] } |
| 54 | +
|
| 55 | +
|
| 56 | +
|
| 57 | +.. _Security Component:: http://symfony.com/doc/current/book/security.html |
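Review bot: The `in_memory` provider in the new YAML example defines a working `admin` / `admin` account in plaintext (`{'username': 'admin', 'password': 'admin', roles: ['ROLE_ADMIN']}`), and since the text says enabling the plugin only requires adding this block, readers will paste it unchanged and end up with a default administrator credential protecting `^/(admin|api)`. Suggest replacing the password with an obvious placeholder and stating that it must be changed before deployment. Other points in the same hunk: the access_control entry uses `^/admin/login-check$` while the commented `check_path` is `/admin/login_check` (hyphen versus underscore), and the two should agree; the comment `# allow anonymous connection` sits on `anonymous: false` in the private firewall, which reads as the opposite of what the setting does; "There is no configuration option" is immediately followed by a full configuration block, so the sentence should say what is actually meant; and the link target `.. _Security Component::` has a double colon, where reStructuredText expects a single colon for the `Security Component`_ reference to resolve.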