Symfony 1 - Security - Authentication

Symfony 1 uses the YAML files to secure the application.

For example, in this tutorial, we can see with the backend side how to secure the entire application.
But we can also secure only the index of a module or all others webpages excepted the index.
This, with an authenfication.

By default, in your backend side, you have a security.yml file:

// apps/backend/config/security.yml
default:
  is_secure: false

Change the boolean false into true and save it.

Try to see a webpage with the following URL: http://localhost/backend_dev.php/

You are supposed to see the Login Required page.
It means the security is activated.

Then, we create a module named hello and we will insert into a new security.yml file:

// apps/backend/modules/hello/config/security.yml
index:
  is_secure: false
 
all:
  is_secure: true

Try to see your index module page: http://localhost/backend_dev.php/hello

Normally it is OK, you can see this page.

Now try to see another real page inside your hello module, we suppose that you created a database for this module and want to edit the id 37 of this table:

http://localhost/backend_dev.php/hello/37/edit

You can not!
Indeed, we said just before in the security.yml file that the index file is not secure and all others are.

Thus, it is possible to manage the entire application, with this easy way, by saying which pages need an authentication.

Thank you Symfony