I want to use a Symfony2 application with 2 firewalls: one with users from the database for the frontend, and another with in-memory users for the backend.
I have read through all the documentation and various Stack Overflow questions, but I cannot solve my problem.
This is my security.yml configuration so far:

security:
    firewalls:
        frontend:
            pattern: ^/
            provider: fe_users
            anonymous: ~
            form_login:
                username_parameter: _email
                login_path: _login
                check_path: _login_check
                remember_me: true
                default_target_path: _profile
                #always_use_default_target_path: true
            logout:
                path: /logout
                target: /
            remember_me:
                key: MiPassphrase
                lifetime: 1800
                path: /.*
                domain: ~
        backend:
            pattern: ^/backend
            provider: be_users
            anonymous: ~
            http_basic:
                realm: ""
    access_control:
        - { path: ^/backend$, roles: ROLE_ADMIN }
        - { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    encoders:
        vv\xx\Entity\User:
            algorithm: bcrypt
        Symfony\Component\Security\Core\User\User: plaintext
    providers:
        fe_users:
            entity: { class: vvxx:User, property: email }
        be_users:
            memory:
                users:
                    d: { password: c, roles: 'ROLE_ADMIN' }

What happens with that:
The frontend authentication works fine. If the user is not logged in to the frontend, visiting /backend redirects me to /login. If the user IS logged in (and authenticated) to the frontend, visiting /backend gives me a 403 access denied. A "classic" HTTP authentication login form never appears.
Can anybody have a look at my configuration and figure out what I'm doing wrong here?
I really appreciate your help :)
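
Added example, not part of the original post and not Symfony's own code: Symfony hands a request to the first firewall whose pattern matches and applies the first access_control rule whose path matches. This simplified model runs the posted patterns over a few constructed request paths; the `firstMatch` helper, the reordered firewall list and the sample paths are assumptions made for illustration.

```php
<?php
// Simplified model of first-match selection (illustration only).

/** Return the key of the first entry whose regex matches $path, or null. */
function firstMatch(array $patterns, string $path): ?string
{
    foreach ($patterns as $name => $regex) {
        // '#' as delimiter so the '/' in the patterns needs no escaping.
        if (preg_match('#' . $regex . '#', $path) === 1) {
            return $name;
        }
    }
    return null;
}

// Firewall patterns in the order they appear in the posted security.yml.
$posted = ['frontend' => '^/', 'backend' => '^/backend'];

// Same patterns with the more specific firewall listed first (assumed reordering).
$reordered = ['backend' => '^/backend', 'frontend' => '^/'];

// access_control paths from the post, keyed by the role each rule requires.
$accessControl = [
    'ROLE_ADMIN' => '^/backend$',
    'IS_AUTHENTICATED_ANONYMOUSLY' => '^/',
];

// Constructed sample request paths.
foreach (['/backend', '/backend/users', '/profile'] as $path) {
    printf(
        "%-15s posted: %-9s reordered: %-9s required role: %s\n",
        $path,
        firstMatch($posted, $path),
        firstMatch($reordered, $path),
        firstMatch($accessControl, $path)
    );
}
```

With the posted order every path, including /backend, is handled by the frontend firewall, whose entry point is the login form, which matches the redirect and 403 described above. The `^/backend$` rule also covers only the exact path /backend, so deeper backend paths fall through to the anonymous rule.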