Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PR #157 ignores security.yml anonymous path #160

Closed
maciejmiara opened this issue Apr 10, 2016 · 2 comments
Closed

PR #157 ignores security.yml anonymous path #160

maciejmiara opened this issue Apr 10, 2016 · 2 comments

Comments

@maciejmiara
Copy link

Merged PR #157 commit 3051ad5 (Add Events::JWT_INVALID and Events::AUTHENTICATION_FAILURE listening) causes an error.

Now, even though I have following setting in security.yml:

access_control:
- { path: ^/api/v1/sign_in$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/v1/client/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/v1/employee/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }

I receive 401 response for "api/v1/employee/register" with information that no JWT token has been provided, but I don't want to provide it, because it is route with anonymous access.
@maciejmiara maciejmiara changed the title PR #157 broke security.yml settings PR #157 ignores security.yml anonymous path Apr 10, 2016
@chalasr
Copy link
Collaborator

chalasr commented Apr 10, 2016

@maciejmiara Thank you for the report.
I already submitted a PR #159 that fixes the bug, it will be merged as soon as possible (hope tomorrow).
Sorry for the inconvenience.

@slashfan
Copy link
Contributor

Fixed in 1.5.1 tag

@vitorsgomes vitorsgomes mentioned this issue Apr 13, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@slashfan @maciejmiara @chalasr