@@ -25,15 +25,24 @@ the session lasts using a cookie with the ``remember_me`` firewall option:
2525code-block :: xml
2626
2727 <!-- app/config/security.xml -->
28- <config >
29- <firewall >
30- <remember-me
31- key = " %secret%"
32- lifetime = " 604800"
33- path = "/"
34- />
35- </firewall >
36- </config >
28+ <?xml version =" 1.0" encoding =" utf-8"
29+ <srv : container xmlns =" http://symfony.com/schema/dic/security"
30+ xmlns : srv =" http://symfony.com/schema/dic/services"
31+ xmlns : xsi =" http://www.w3.org/2001/XMLSchema-instance"
32+ xsi : schemaLocation =" http://symfony.com/schema/dic/services
33+ http://symfony.com/schema/dic/services/services-1.0.xsd" >
34+
35+ <config >
36+ <firewall >
37+ <!-- lifetime: 604800 seconds = 1 week -->
38+ <remember-me
39+ key =" %secret%"
40+ lifetime =" 604800"
41+ path =" /"
42+ />
43+ </firewall >
44+ </config >
45+ </srv : container >
3746
3847code-block :: php
3948
@@ -52,7 +61,7 @@ the session lasts using a cookie with the ``remember_me`` firewall option:
5261
5362remember_me `` firewall defines the following configuration options:
5463
55- ``key `` (default value: `` null `` )
64+ ``key `` (** required ** )
5665 The value used to encrypt the cookie's content. It's common to use the
5766 ``secret `` value defined in the ``app/config/parameters.yml `` file.
5867
@@ -167,15 +176,18 @@ The Security component provides an easy way to do this. In addition to roles
167176explicitly assigned to them, users are automatically given one of the following
168177roles depending on how they are authenticated:
169178
170- * ``IS_AUTHENTICATED_ANONYMOUSLY `` - automatically assigned to a user who is
171- in a firewall protected part of the site but who has not actually logged in.
172- This is only possible if anonymous access has been allowed.
179+ ``IS_AUTHENTICATED_ANONYMOUSLY ``
180+ Automatically assigned to a user who is in a firewall protected part of the
181+ site but who has not actually logged in. This is only possible if anonymous
182+ access has been allowed.
173183
174- * ``IS_AUTHENTICATED_REMEMBERED `` - automatically assigned to a user who
175- was authenticated via a remember me cookie.
184+ ``IS_AUTHENTICATED_REMEMBERED ``
185+ Automatically assigned to a user who was authenticated via a remember me
186+ cookie.
176187
177- * ``IS_AUTHENTICATED_FULLY `` - automatically assigned to a user that has
178- provided their login details during the current session.
188+ ``IS_AUTHENTICATED_FULLY ``
189+ Automatically assigned to a user that has provided their login details
190+ during the current session.
179191
180192You can use these to control access beyond the explicitly assigned roles.
181193
@@ -201,23 +213,25 @@ In the following example, the action is only allowed if the user has the
201213 // ...
202214 use Symfony\Component\Security\Core\Exception\AccessDeniedException
203215
216+ // ...
204217 public function editAction()
205218 {
206- if (false === $this->get('security.context')->isGranted(
207- 'IS_AUTHENTICATED_FULLY'
208- )) {
219+ $isFullyAuthenticated = $this->get('security.context')
220+ ->isGranted('IS_AUTHENTICATED_FULLY');
221+
222+ if (!$isFullyAuthenticated) {
209223 throw new AccessDeniedException();
210224 }
211225
212226 // ...
213227 }
214228
215229JMSSecurityExtraBundle _,
216- which can secure your controller using annotations:
217-
218- .. code-block :: php
230+ which can secure your controller using annotations::
219231
232+ // ...
220233 use JMS\SecurityExtraBundle\Annotation\Secure;
234+ // ...
221235
222236 /**
223237 * @Secure(roles="IS_AUTHENTICATED_FULLY")
0 commit comments