From e1e69d9c22433d747982be2672328477b9cfdd56 Mon Sep 17 00:00:00 2001 From: David Buchmann Date: Fri, 1 Jul 2016 14:25:41 +0200 Subject: [PATCH] clarify that user context url needs to be available to anonymous users --- Resources/doc/features/user-context.rst | 13 ++++++++++++- Resources/doc/spelling_word_list.txt | 1 + 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/Resources/doc/features/user-context.rst b/Resources/doc/features/user-context.rst index 05e21b67..05b25717 100644 --- a/Resources/doc/features/user-context.rst +++ b/Resources/doc/features/user-context.rst @@ -49,7 +49,7 @@ You need to configure a route for the context hash. It does not specify any controller, as the request listener will abort the request right after the firewall has been applied, but the route definition must exist. Use the same path as you specified in the caching proxy and make sure that this path is -covered by your +allowed for anonymous users and covered by your `firewall configuration `_: .. code-block:: yaml @@ -58,6 +58,17 @@ covered by your user_context_hash: path: /_fos_user_context_hash +If your access rules limit the whole site to logged in users, make sure to +handle the user context URL like the login page: + +.. code-block:: yaml + + # app/config/security.yml + access_control: + - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } + - { path: ^/_fos_user_context_hash, roles: [IS_AUTHENTICATED_ANONYMOUSLY] } + - { path: ^/, roles: ROLE_USER } + Finally, enable the subscriber with the default settings: .. code-block:: yaml diff --git a/Resources/doc/spelling_word_list.txt b/Resources/doc/spelling_word_list.txt index 11bec598..6aacfdf2 100644 --- a/Resources/doc/spelling_word_list.txt +++ b/Resources/doc/spelling_word_list.txt @@ -14,4 +14,5 @@ lookup lookups TTL multi +login logout