niklasnatter
commented
2 years ago Hey,
thanks for reaching out! The sulu/skeleton was adjusted to use a single security.yaml instead of a separate security_website.yaml and security_admin.yaml (see https://github.com/sulu/skeleton/pull/114). It looks like the documentation of this bundle was not adjusted to the change yet.
When using the new version of the sulu/skeleton, you need to adjust the existing security.yaml instead of creating a security_website.yaml:
--- config/packages/security.yaml
+++ config/packages/security.yaml
@@ -1,62 +1,65 @@
security:
access_decision_manager:
strategy: unanimous
allow_if_all_abstain: true
encoders:
Sulu\Bundle\SecurityBundle\Entity\User: bcrypt
providers:
sulu:
id: sulu_security.user_provider
access_control:
- { path: ^/admin/reset, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/security/reset, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/_wdt, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/translations, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_USER }
+ # the following rules are needed if the firewall does not allow anonymous users on ^/
+ # - { path: '/login', roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ # - { path: '/registration', roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ # - { path: '/password-reset', roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ # - { path: '/password-forget', roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ # - { path: '/_fragment', roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: '/profile', roles: ROLE_USER }
+ - { path: '/completion', roles: ROLE_USER }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
admin:
pattern: ^/admin(\/|$)
anonymous: true
lazy: true
provider: sulu
entry_point: sulu_security.authentication_entry_point
json_login:
check_path: sulu_admin.login_check
success_handler: sulu_security.authentication_handler
failure_handler: sulu_security.authentication_handler
logout:
path: sulu_admin.logout
success_handler: sulu_security.logout_success_handler
-# website:
-# pattern: ^/
-# anonymous: lazy
-# # The login and logout routes need to be created.
-# # For an advanced user management with registration and opt-in emails have a look at the:
-# # https://github.com/sulu/SuluCommunityBundle
-# # Also have a look at the user context based caching when you output user role specific data
-# # https://docs.sulu.io/en/2.2/cookbook/user-context-caching.html
-# form_login:
-# login_path: login
-# check_path: login
-# logout:
-# path: logout
-# target: /
-# remember_me:
-# secret: "%kernel.secret%"
-# lifetime: 604800 # 1 week in seconds
-# path: /
+ <webspace_key>: # Replace <webspace_key> with the key of your webspace
+ pattern: ^/
+ anonymous: lazy
+ form_login:
+ login_path: sulu_community.login
+ check_path: sulu_community.login
+ logout:
+ path: sulu_community.logout
+ target: /
+ remember_me:
+ secret: "%kernel.secret%"
+ lifetime: 604800 # 1 week in seconds
+ path: /
sulu_security:
checker:
enabled: true
Hi, using the install instruction, I get the following error:
Configuration path "security.access_control" cannot be overwritten. You have to define all options for this path, and any of its sub-paths in one configuration section.
This is my security.yaml:
security: access_decision_manager: strategy: unanimous allow_if_all_abstain: true
sulu_security: checker: enabled: true
security_website.yml:
security: encoders: Sulu\Bundle\SecurityBundle\Entity\User: bcrypt
providers: sulu: id: sulu_security.user_provider
access_control:
needed when firewall on ^/ is not anonymous
firewalls: