@@ -38,94 +38,23 @@ separate articles:
3838* `role_hierarchy `_
3939
4040access_denied_url
41- ~~~~~~~~~~~~~~~~~
41+ -----------------
4242
4343**type **: ``string `` **default **: ``null ``
4444
4545Defines the URL where the user is redirected after a ``403 `` HTTP error (unless
4646you define a custom access denial handler). Example: ``/no-permission ``
4747
48- delete_cookies
49- ~~~~~~~~~~~~~~
50-
51- **type **: ``array `` **default **: ``[] ``
52-
53- Lists the names (and other optional features) of the cookies to delete when the
54- user logs out::
55-
56- .. configuration-block ::
57-
58- .. code-block :: yaml
59-
60- # config/packages/security.yaml
61- security :
62- # ...
63-
64- firewalls :
65- main :
66- # ...
67- logout :
68- delete_cookies :
69- cookie1-name : null
70- cookie2-name :
71- path : ' /'
72- cookie3-name :
73- path : null
74- domain : example.com
75-
76- code-block :: xml
77-
78- <!-- config/packages/security.xml -->
79- <?xml version =" 1.0" encoding =" UTF-8"
80- <srv : container xmlns =" http://symfony.com/schema/dic/security"
81- xmlns : xsi =" http://www.w3.org/2001/XMLSchema-instance"
82- xmlns : srv =" http://symfony.com/schema/dic/services"
83- xsi : schemaLocation =" http://symfony.com/schema/dic/services
84- https://symfony.com/schema/dic/services/services-1.0.xsd" >
85-
86- <config >
87- <!-- ... -->
88-
89- <firewall name =" main"
90- <!-- ... -->
91- <logout path =" ..."
92- <delete-cookie name =" cookie1-name"
93- <delete-cookie name =" cookie2-name" path =" /"
94- <delete-cookie name =" cookie3-name" domain =" example.com"
95- </logout >
96- </firewall >
97- </config >
98- </srv : container >
99-
100- code-block :: php
101-
102- // config/packages/security.php
103-
104- // ...
105-
106- return static function (SecurityConfig $securityConfig): void {
107- // ...
108-
109- $securityConfig->firewall('main')
110- ->logout()
111- ->deleteCookie('cookie1-name')
112- ->deleteCookie('cookie2-name')
113- ->path('/')
114- ->deleteCookie('cookie3-name')
115- ->path(null)
116- ->domain('example.com');
117- };
118-
11948erase_credentials
120- ~~~~~~~~~~~~~~~~~
49+ -----------------
12150
12251**type **: ``boolean `` **default **: ``true ``
12352
12453If ``true ``, the ``eraseCredentials() `` method of the user object is called
12554after authentication.
12655
12756hide_user_not_found
128- ~~~~~~~~~~~~~~~~~~~
57+ -------------------
12958
13059**type **: ``boolean `` **default **: ``true ``
13160
@@ -138,7 +67,7 @@ If ``false``, the exception thrown is of type
13867and it includes the given not found user identifier.
13968
14069session_fixation_strategy
141- ~~~~~~~~~~~~~~~~~~~~~~~~~
70+ -------------------------
14271
14372**type **: ``string `` **default **: ``SessionAuthenticationStrategy::MIGRATE ``
14473
@@ -157,7 +86,7 @@ The possible values of this option are:
15786 other session attributes are lost.
15887
15988access_control
160- ~~~~~~~~~~~~~~
89+ --------------
16190
16291Defines the security protection of the URLs of your application. It's used for
16392example to trigger the user authentication when trying to access to the backend
@@ -166,7 +95,7 @@ and to allow unauthenticated users to the login form page.
16695This option is explained in detail in :doc: `/security/access_control `.
16796
16897firewalls
169- ~~~~~~~~~
98+ ---------
17099
171100This is arguably the most important option of the security config file. It
172101defines the authentication mechanism used for each URL (or URL pattern) of your
@@ -427,7 +356,7 @@ delete_cookies
427356**type **: ``array `` **default **: ``[] ``
428357
429358Lists the names (and other optional features) of the cookies to delete when the
430- user logs out::
359+ user logs out:
431360
432361.. configuration-block ::
433362
0 commit comments