Issue with development and logging in with WDT

[joshuataylor]

So when you use the development environment, and logging into the system (say you went to index_dev.php/test), you'll be redirected to:
index_dev.php/_wdt/4e95412bc6871

Rather than the page (index_dev.php/test).

I expect this is because it thinks you want to log into the web profiler toolbar.

Anyone have a workaround for this?

[stof]

You should not put the web debug toolbar in the scope of the firewall to avoid this.

[stof]

Closing as it is not related to FOSUserBundle anyway but to SecurityBundle

[andrewtch]

@joshuataylor, anyway you can always exclude wdt or profiler via adding dev firewall:

  dev:
      pattern:  ^/(_(profiler|wdt)|css|images|js)/
      security: false

@stof, don't you think that that should be added to docs in section like "securing whole app"?

[ccorliss]

I added some rules in security.yml to resolve this. Under access_control:

• { path: ^/_wdt, role: IS_AUTHENTICATED_ANONYMOUSLY }
• { path: ^/_profiler, role: IS_AUTHENTICATED_ANONYMOUSLY }

[tamlyn]

For the benefit of anyone else coming across this issue, be sure to add the dev firewall before your main firewall otherwise it will never match.

[gggeek]

Hello

is this related: FriendsOfSymfony/FOSHttpCache#287 ?
Shall I add a firewall rule for /_fos_user_context_hash ?