Symfony Version 1.2
sfGuard (Identity management plugin) Version 3.1.3
sfGuard is a Symfony plugin that implements a user management and login system for an application. It supports both groups and individual users.
Installation
symfony plugin:install sfGuardPlugin
symfony propel:build-model
symfony propel:build-sql
symfony propel:build-forms
symfony propel:build-filters
after this please notice that the following tables get created
sf_guard_group
sf_guard_group_permission
sf_guard_permission
sf_guard_remember_key
sf_guard_user
sf_guard_user_group
sf_guard_user_permission
Now enable the modules in settings.yml (this is an optional step) according to the requirement
For eg:
The frontend application may need only sfGuardAuth (only login may be needed to be controled)
The backend may need sfGuardUser, sfGuardGroup, sfGuardPermission (the backend may need to administer groups, permissions and users)
all:
.settings:
enabled_modules: [default, sfGuardGroup, sfGuardUser, sfGuardPermission]
Then clear the cache by
symfony cc
There is an optional feature which u can enable - the remember me filter
Now how we can secure the application
Enable the module sfGuardAuth in settings.yml
all:
.settings:
enabled_modules: [..., sfGuardAuth]
Change the default login and secure modules in settings.yml
login_module: sfGuardAuth
login_action: signin
secure_module: sfGuardAuth
secure_action: secure
Change the parent class in myUser.class.php (app/module/myUser.class.php)
class myUser extends sfGuardSecurityUser
{
}
Now in security.yml add the following asper requirements
is_secure: on
This can be added in a application level or a module level or a page level.
for eg:
if we want to secure the whole application then we can add
default:
is_secure: on
in the security.yml of app/config directory
if we want to secure only a module
all:
is_secure: on
add this to the security.yml in the modules directory
If we need to secure a single file in the app then add the pagename
pagename:
is_secure: off
No comments:
Post a Comment