I made an

apps/frontend/config/security.yml

dev:
 default:
  is_secure: false

prod:
 default:
  is_secure: true

But it is not working. Am I missing something?

+1  A: 

What exactly are you trying to achieve? I think you may be misunderstanding the purpose of the is_secure property.

Generally it is used to declare which modules/actions of an application should require authentication (from a plugin such as sfGuard) rather than to protect an entire environment.

Steve
I want to disable security for testing purposes without modifying the configuration by hand; it's more convenient for me. And yes, some of my modules are secured; I just want to test them without security in the dev environment.
belaz
Unfortunately I think the only way to do this would be to set the dev environment to `is_secure: false` in each secured module.
Steve
Same, environment-specific configuration isn't working in modules.
belaz
`all: is_secure: true dev: is_secure: false` doesn't work? Sorry; I'm stumped!
Steve
It doesn't work; test it yourself and you'll see.
belaz
@belaz, note that the configuration cascade always overrides at the lower level, so if you set your frontend security to false but have modules that have their own config/security.yml where security is set to true, those modules will remain secure.
Tom
+2  A: 

As Steve says, is_secure can't be configured on a per-environment basis.

My guess is that you are trying to password protect your entire dev environment? I'd suggest that you use .htaccess/.htpasswd protection or equivalent to protect a site in this way.

If you can't or for whatever reason want to do it in symfony, you could make symfony accept configuration in this way by creating a custom sfSecurityConfigHandler.class.php.

Config handlers have a method in them called getConfiguration - this is in charge of getting the values set in the various yml files and creating an array of the final values after all over-rides etc have been applied.

sfSecurityConfigHandler.class.php has a getConfiguration like this:

static public function getConfiguration(array $configFiles)
{
  $config = self::flattenConfiguration(self::parseYamls($configFiles));

  // change all of the keys to lowercase
  $config = array_change_key_case($config);

  return $config;
}

whilst a configuration that depends on environment, such as sfDatabaseConfigHandler.class.php has one like this:

static public function getConfiguration(array $configFiles)
{
  $config = self::replaceConstants(self::flattenConfigurationWithEnvironment(self::parseYamls($configFiles)));

  foreach ($config as $name => $dbConfig)
  {
    if (isset($dbConfig['file']))
    {
      $config[$name]['file'] = self::replacePath($dbConfig['file']);
    }
  }

  return $config;
}

The key difference here is the use of self::flattenConfigurationWithEnvironment over self::flattenConfiguration. I think if you extend sfSecurityConfigHandler with:

class mySecurityConfigHandler extends sfSecurityConfigHandler {
    static public function getConfiguration(array $configFiles)
    {
      $config = self::flattenConfigurationWithEnvironment(self::parseYamls($configFiles));

      // change all of the keys to lowercase
      $config = array_change_key_case($config);

      return $config;
    }
}

and then create a config_handlers.yml file in your config telling symfony to use this class:

modules/*/config/security.yml:
  # point at the custom handler defined above, not the stock class
  class:    mySecurityConfigHandler
  file:     %sf_lib_dir%/path/to/mySecurityConfigHandler

You should then be able to use the yml as per the question to configure security per environment.

benlumley
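
The difference between the two flattening strategies contrasted in the answer above, as an added example that is not part of the original answer and is not symfony's own code. `deepMerge`, `flattenPlain` and `flattenWithEnvironment` are hypothetical, simplified stand-ins, and the input is the YAML from the comment thread, constructed here as an already-parsed array.

```php
<?php
// Added illustration: simplified stand-ins for the two flattening strategies
// named in the answer. These are NOT symfony's implementations.

// Recursive merge where later layers override earlier ones key by key.
function deepMerge(array ...$layers): array
{
    $out = [];
    foreach ($layers as $layer) {
        foreach ($layer as $key => $value) {
            $out[$key] = (is_array($value) && isset($out[$key]) && is_array($out[$key]))
                ? deepMerge($out[$key], $value)
                : $value;
        }
    }
    return $out;
}

// Stand-in for flattenConfiguration: folds `default` into `all`
// and leaves every other top-level key untouched.
function flattenPlain(array $config): array
{
    $config['all'] = deepMerge($config['default'] ?? [], $config['all'] ?? []);
    unset($config['default']);
    return $config;
}

// Stand-in for flattenConfigurationWithEnvironment: merges `default`, `all`
// and the block named after the current environment, in that order.
function flattenWithEnvironment(array $config, string $env): array
{
    return deepMerge($config['default'] ?? [], $config['all'] ?? [], $config[$env] ?? []);
}

// Constructed input: the YAML from the comment thread, already parsed.
$parsed = [
    'all' => ['is_secure' => true],
    'dev' => ['is_secure' => false],
];

// Plain flattening: `dev` stays a separate top-level entry and is never
// merged into `all`, so the value under `all` is unchanged.
var_export(flattenPlain($parsed));
echo "\n";

// Environment-aware flattening: the block for the current environment is
// merged last, so it overrides `all` only in that environment.
foreach (['dev', 'prod'] as $env) {
    printf("%s => %s\n", $env, var_export(flattenWithEnvironment($parsed, $env), true));
}
```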