Skip to content


Subversion checkout URL

You can clone with
Download ZIP

Loading… has incorrect AcmeDemoBundle removal steps #434

noetix opened this Issue · 5 comments

4 participants


Following the AcmeDemoBundle removal steps exactly has unexpected results.

The documentation says:

  • remove the security.providers, security.firewalls.login and security.firewalls.secured_area entries in the security.yml file or tweak the security configuration to fit your needs.

The first error we encounter:

The child node "providers" at path "security" must be configured.

This is because security.providers has to have at least one provider.

The second error we encounter, after we re-instate our security provider:

You must at least add one authentication provider.

Again, we need at least one "firewall".

Here is how the community is resolving this issue:


Imo we should have a way to disable the security bundle if we don't need it.
Removing it from AppKernel looks messy to me so maybe we need a configuration parameter to skip the initialization of all security stuff if we don't need it.

cc @fabpot @schmittjoh


i dont understand why that would be considered messy? the SE is a starting point .. you can fork it but from then on you make it your own.


Consider having this in security.yml instead of removing the file and the line from the AppKernel:

    secure_all_services: false
    expressions: true

    enabled: false

For me at least, this is why config files are for, configure things instead of removing them from different places.


Also, removing SecurityBundle also means removing JMSSecurityExtraBundle and also means removing security.yml which, if you don't know from begining, will cause some frustration for new users.

Plus adding them back later on the project is not fun! :)


Closing this old issue now that I've tweaked the README about how to remove the security configuration of the Acme bundle.

@fabpot fabpot closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.