@@ -25,8 +25,8 @@ application with HTTP Basic authentication.
2525
2626.. note ::
2727
28- `Symfony's security component `_ is available as a standalone PHP library
29- for use inside any PHP project.
28+ :doc: `Symfony's security component < /components/security/introduction >` is
29+ available as a standalone PHP library for use inside any PHP project.
3030
3131Basic Example: HTTP Authentication
3232----------------------------------
@@ -686,14 +686,11 @@ see :doc:`/cookbook/security/form_login`.
686686Authorization
687687-------------
688688
689- The first step in security is always authentication: the process of verifying
690- who the user is. With Symfony, authentication can be done in any way - via
691- a form login, basic HTTP Authentication, or even via Facebook.
692-
693- Once the user has been authenticated, authorization begins. Authorization
694- provides a standard and powerful way to decide if a user can access any resource
695- (a URL, a model object, a method call, ...). This works by assigning specific
696- roles to each user, and then requiring different roles for different resources.
689+ The first step in security is always authentication. Once the user has been
690+ authenticated, authorization begins. Authorization provides a standard and
691+ powerful way to decide if a user can access any resource (a URL, a model
692+ object, a method call, ...). This works by assigning specific roles to each
693+ user, and then requiring different roles for different resources.
697694
698695The process of authorization has two different sides:
699696
@@ -712,12 +709,6 @@ URL pattern. You've seen this already in the first example of this chapter,
712709where anything matching the regular expression pattern ``^/admin `` requires
713710the ``ROLE_ADMIN `` role.
714711
715- .. caution ::
716-
717- Understanding exactly how ``access_control `` works is **very ** important
718- to make sure your application is properly secured. See :ref: `security-book-access-control-explanation `
719- below for detailed information.
720-
721712You can define as many URL patterns as you need - each is a regular expression.
722713
723714.. configuration-block ::
@@ -769,12 +760,15 @@ to find *one* that matches the current request. As soon as it finds a matching
769760is used to enforce access.
770761
771762Each ``access_control `` has several options that configure two different
772- things: (a) :ref: `should the incoming request match this access control entry<security-book-access-control-matching-options> `
773- and (b) :ref: `once it matches, should some sort of access restriction be enforced<security-book-access-control-enforcement-options> `:
763+ things:
764+
765+ * (a) :ref: `should the incoming request match this access control entry<security-book-access-control-matching-options> `
766+ * (b) :ref: `once it matches, should some sort of access restriction be enforced<security-book-access-control-enforcement-options> `:
774767
775768.. _security-book-access-control-matching-options :
776769
777- **(a) Matching Options **
770+ (a) Matching Options
771+ ....................
778772
779773Symfony2 creates an instance of :class: `Symfony\\ Component\\ HttpFoundation\\ RequestMatcher `
780774for each ``access_control `` entry, which determines whether or not a given
@@ -869,7 +863,8 @@ will match any ``ip``, ``host`` or ``method``:
869863
870864.. _security-book-access-control-enforcement-options :
871865
872- **(b) Access Enforcement **
866+ (b) Access Enforcement
867+ ......................
873868
874869Once Symfony2 has decided which ``access_control `` entry matches (if any),
875870it then *enforces * access restrictions based on the ``roles `` and ``requires_channel ``
@@ -1229,7 +1224,9 @@ class:
12291224 security :
12301225 providers :
12311226 main :
1232- entity : { class: Acme\UserBundle\Entity\User, property: username }
1227+ entity :
1228+ class : Acme\UserBundle\Entity\User
1229+ property : username
12331230
12341231code-block :: xml
12351232
@@ -1773,11 +1770,6 @@ Note that you will *not* need to implement a controller for the ``/logout``
17731770URL as the firewall takes care of everything. You *do *, however, need to create
17741771a route so that you can use it to generate the URL:
17751772
1776- .. caution ::
1777-
1778- You *must * have a route that corresponds to your logout path. Without
1779- this route, logging out will not work.
1780-
17811773.. configuration-block ::
17821774
17831775 .. code-block :: yaml
@@ -1811,6 +1803,11 @@ a route so that you can use it to generate the URL:
18111803
18121804 return $collection;
18131805
1806+ caution ::
1807+
1808+ As of Symfony 2.1, you *must * have a route that corresponds to your logout
1809+ path. Without this route, logging out will not work.
1810+
18141811Once the user has been logged out, he will be redirected to whatever path
18151812is defined by the ``target `` parameter above (e.g. the ``homepage ``). For
18161813more information on configuring the logout, see the
@@ -1930,7 +1927,7 @@ to show a link to exit impersonation:
19301927 .. code-block :: html+jinja
19311928
19321929 {% if is_granted('ROLE_PREVIOUS_ADMIN') %}
1933- <a href="{{ path('homepage', {_switch_user: '_exit'}) }}">Exit impersonation</a>
1930+ <a href="{{ path('homepage', {' _switch_user' : '_exit'}) }}">Exit impersonation</a>
19341931 {% endif %}
19351932
19361933 .. code-block :: html+php
@@ -2114,7 +2111,6 @@ Learn more from the Cookbook
21142111* :doc: `Access Control Lists (ACLs) </cookbook/security/acl >`
21152112* :doc: `/cookbook/security/remember_me `
21162113
2117- .. _`Symfony's security component` : https://github.com/symfony/Security
21182114.. _`JMSSecurityExtraBundle` : http://jmsyst.com/bundles/JMSSecurityExtraBundle/1.2
21192115.. _`FOSUserBundle` : https://github.com/FriendsOfSymfony/FOSUserBundle
21202116.. _`implement the \S erializable interface` : http://php.net/manual/en/class.serializable.php
0 commit comments