app/config/security.yml
security:
encoders:
Symfony\Component\Security\Core\User\User:
algorithm: sha512
iterations: 1
FOS\UserBundle\Model\UserInterface:
algorithm: sha512
iterations: 1
PartKeepr\AuthBundle\Entity\User:
algorithm: md5
iterations: 1
encode_as_base64: false
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
chain_provider:
chain:
providers: [in_memory, fos_userbundle, fr3d_ldapbundle, legacy]
legacy:
id: partkeepr_legacy_user_provider
in_memory:
memory: ~
fos_userbundle:
id: fos_user.user_provider.username
fr3d_ldapbundle:
id: fr3d_ldap.security.user.provider
firewalls:
login:
pattern: ^/api/users/getSalt
security: false
main:
stateless: false # Stores authentification within a cookie. This is important to allow file uploads without having to send authentification data.
pattern: ^/api/.*
provider: chain_provider
fr3d_ldap_httpbasic:
provider: chain_provider
http_basic:
provider: chain_provider
remote_user:
provider: chain_provider
wsse:
realm: "Secured with WSSE" #identifies the set of resources to which the authentication information will apply (WWW-Authenticate)
profile: "UsernameToken" #WSSE profile (WWW-Authenticate)
encoder: #digest algorithm
algorithm: sha512
encodeHashAsBase64: true
iterations: 1
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }