我有一个带有/放在防火墙后面的项目。但是,我希望我的控制器之一是“不安全的”,例如无论身份验证如何都显示其内容。但无论我做什么,捆绑包都是安全的。
我目前的做法是:
安全性.yml:
jms_security_extra:
secure_all_services: true
expressions: true
security:
encoders:
BrokernetGroup\Platea\SecurityBundle\Entity\User:
id: brokernet_group_platea_security.crypt_encoder
role_hierarchy:
providers:
db_users:
entity:
class: BrokernetGroup\Platea\SecurityBundle\Entity\User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/login.html$
security: false
protected_area:
pattern: ^/
form_login:
check_path: /login-check.do
login_path: /login.html
logout:
path: /logout.do
target: /
access_control:
控制器骨架:
<?php
namespace BrokernetGroup\Platea\InfoBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use JMS\SecurityExtraBundle\Annotation as SE;
/**
* Description of InfoController
*
* @author Gergely Polonkai
*
* @SE\PreAuthorize("permitAll")
*/
class InfoController
{
/**
* @Route("/", name="BrokernetGroupPlateaInfo_homepage", hostnamePattern="{hostname}", requirements={"hostname" = "%www_hostnames%"})
* @Template
*/
public function homepageAction()
{
return array();
}
}