security: firewalls: # Disabling the security for the web debug toolbar, the profiler and Assetic. dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false # -> custom firewall for the admin area of the URL admin: pattern: /admin(.*) context: user form_login: provider: fos_userbundle login_path: /admin/login use_forward: false check_path: /admin/login_check failure_path: null logout: path: /admin/logout target: /admin/login anonymous: true # -> end custom configuration # default login area for standard users # This firewall is used to handle the public login area # This part is handled by the FOS User Bundle main: pattern: .* context: user form_login: provider: fos_userbundle login_path: /login use_forward: false check_path: /login_check failure_path: null logout: true anonymous: true role_hierarchy: ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN] ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] SONATA: - ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are using acl then this line must be commented encoders: FOS\UserBundle\Model\UserInterface: bcrypt providers: fos_userbundle: id: fos_user.user_provider.username access_control: # Admin login page needs to be accessed without credential - { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: http } - { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: http } - { path: ^/admin/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: http } - { path: ^/admin/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: http } # Secured part of the site # This config requires being logged for the whole site and having the admin role for the admin part. # Change these rules to adapt them to your needs - { path: ^/admin/, role: [ROLE_ADMIN, ROLE_SONATA_ADMIN], requires_channel: http } - { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: http }