问题
Following this tutorial i'm developing a web application using symfony authentication/authorization architecture.
After designing the whole structure (routes, pages and security levels) i'm stuck: how can i develop my pages without enter credentials all the time? Is there any way to disable or turn off the entire firewall functionality? Should i use data fixtures?
回答1:
In your app/config/security.yml file, under the firewalls config option add or modify the dev...
firewalls:
dev:
pattern: ^/
security: false
回答2:
The security.firewalls.dev: configuration is used in every Symfony environment (dev,test,prod)!
In Symfony 4, to achieve disabling firewalls for all routes in just dev environment, you could do something like this:
Setup:
config/packages/security.yaml:
parameters:
# Adds a fallback SECURITY_DEV_PATTERN if the env var is not set.
env(SECURITY_DEV_PATTERN): '^/(_(profiler|wdt)|css|images|js)/'
security:
firewalls:
dev:
pattern: '%env(SECURITY_DEV_PATTERN)%'
security: false
Override per Symfony environment:
create a new file config/packages/dev/parameters.yaml:
parameters:
env(SECURITY_DEV_PATTERN): '^/'
Now all routes are reachable without firewall in Symfony dev environ
Override using environment variables:
You could also override SECURITY_DEV_PATTERN in the .env file:
SECURITY_DEV_PATTERN=^/
This only works if you don't include the .env in your production environment, or if you specifically override the SECURITY_DEV_PATTERN environment variable there as well.
来源:https://stackoverflow.com/questions/8174522/turn-off-firewall-when-developing-in-early-stages-with-symfony2