Tell whether route is behind firewall in Symfony2

Active3 hr before
Viewed126 times

6 Answers


However, I'm getting an error when the listener responds to events not behind a firewall (such as those in the dev toolbar) since the token is empty and an AuthenticationCredentialsNotFoundException is thrown. However, I can't for the life of me figure out how to tell whether the route is behind a firewall or not. Could anyone help?,Making statements based on opinion; back them up with references or personal experience., Does the stock price drop if one of the largest shareholders of the company sells all their shares? ,Connect and share knowledge within a single location that is structured and easy to search.

First check if token exist:

function onKernelResponse(FilterResponseEvent $event) {
   if (!$this - > container - > get('security.token_storage') - > getToken()) {
   // Rest of code.

Often, the user is unknown (i.e. not logged in) when they first visit your website. If you visit your homepage right now, you will have access and you'll see that you're visiting a page behind the firewall in the toolbar:,When a visitor isn't yet logged in to your website, they are treated as "unauthenticated" and don't have any roles. This will block them from visiting your pages if you defined an access_control rule.,If you're using the default services.yaml configuration, Symfony will automatically pass the security.helper to your service thanks to autowiring and the Security type-hint.,If you're using a custom voter, you can allow anonymous users access by checking if there is no user set on the token:

$ composer require symfony / security - bundle
load more v

In this example, your pattern specifies a prefix of /backend for secured paths. To work, your login check should be behind this same firewall.,I think your problem might come from the fact security is not activated in your / part (the pattern of your secured area is ^/backend),So, to match the pattern which you have specified in your firewall, put login_check on a url path like this: /backend/login_check,The problem also tends to happen when you have two firewall with the same pattern. For example:


   pattern: ^ /(_(profiler|wdt)|css|images|js)/
security: false
   pattern: ^ /backend
anonymous: ~
   provider: entity
login_path: /login
check_path: /login_check
#use_forward: true
   path: /logout
target: /


   pattern: /login
defaults: {
   _controller: VitaSecurityBundle: Default: login
   pattern: /login_check
   pattern: /logout
load more v

Do you know if it's possible to check if a ROLE can access to a route depending on the configuration of the firewall.,Digging in the source code of the security component, this service is created in the cache warmup and let's you know what you want :).,I would like to create a controller to redirect to a route automatically but only if the user have a ROLE allowed to access the route.,GIST Check if a route is accessible for a ROLE or a list of ROLES

       path: ^ /secured/activities,
       roles: ROLE_CLIENT
    } -
       path: ^ /secured/client / user,
load more v

We built this log in form by making a route, controller and rendering a template:,Do you see authentication information on this request that you understand?,Once we activate this new class in the security system, at the beginning of every request, Symfony will call this supports() method and basically ask:,We'll talk about what these methods do one-by-one. Anyways, AbstractAuthenticator is nice because it implements a super boring method for you.

symfony console make: auth
load more v

I am trying to deploy my Symfony app to the Digital Ocean. The problem is with routing - the app cannot find my annotation routes in the Controller, so on requesting the response is default Symfony homepage. , Write for DigitalOcean , DigitalOcean on GitHub ,Since you say it works locally, my best guess would be a caching problem. Go and check /var/www/coinwatch/var/cache - does it have the proper permissions?

My dev.log is :

request.ERROR: Uncaught PHP Exception Symfony\ Component\ HttpKernel\ Exception\ NotFoundHttpException: "No route found for "
GET / ""
at /
   var / www / coinwatch / vendor / symfony / http kernel / EventListener / RouterListener.php line 136 {
      "exception": "[object (Symfony\\Component\\HttpKernel\\Exception\\NotFoundHttpException(code: 0): No route found for \"GET /\" at /var/www/coinwatch/vendor/symfony/http-kernel/EventListener/RouterListener.php:136)\n                    [previous exception] [object] (Symfony\\Component\\Routing\\Exception\\NoConfigurationException(code: 0):  at /var/www/coinwatch/vendor/symfony/routing/Matcher/Dumper/CompiledUrlMatcherTrait.php:182)"
   } []

Here is my server block config file

server {
   listen 80;
   listen[::]: 80;

   server_name coinwatch 104.248 .16 .246;
   root /
      var / www / coinwatch / public;
   index index.php;
   client_max_body_size 100 m;

   location / {
      try_files $uri $uri / /index.php$is_args$args;

   location~\.php {
      try_files $uri / index.php = 404;
      fastcgi_pass unix: /var/run / php / php7 .2 - fpm.sock;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_param SCRIPT_NAME $fastcgi_script_name;
      fastcgi_split_path_info ^ (. + \.php)(/.+)$;
         fastcgi_index index.php; include fastcgi_params;

      location~/\.(?:ht|git|svn) {
      deny all;

On command

php bin / console debug: router
load more v

Other "route-undefined" queries related to "Tell whether route is behind firewall in Symfony2"