[FLOW3-general] Security Framework: access on resource for not logged user
Thomas Plessis
t.plessis at totemnumerique.com
Tue Oct 16 09:30:56 CEST 2012
Hi!
Maybe you need to "DENY" access to login page for employee, like this :
> Employee:
> methods:
> Login_Method: DENY
regards,
Thomas Plessis
Développeur multimédia
--
TOTEMnumerique
9, Place St Étienne
31000 Toulouse
T. 05 61 14 64 54
F. 05 61 14 64 55
Le 16 oct. 2012 à 08:32, Robin Lehrmann a écrit :
> Hello together!
>
> I have a login page. If the user has the 'Anonymous' role, he can access on the Login page.
> The Employee role cannot access on the login page.
>
> My Policy.yaml:
>
> roles:
> # Anonymous: []
> Employee: []
> NewsletterAdministrator: [Employee]
> CustomerAdministrator: [Employee]
> ArticleAdministrator: [Employee]
> GalleryAdministrator: [Employee]
> Administrator: [Employee]
>
> resources:
> methods:
> Login_Methods: 'method(Pkg\Authenticator\Controller\LoginController->(login|authenticate)Action())'
> Logout_Method: 'method(Pkg\Authenticator\Controller\LoginController->logoutAction())'
>
> acls:
> Anonymous:
> methods:
> Login_Methods: GRANT
> Employee:
> methods:
> Logout_Method: GRANT
>
> Im not logged in on my page and get a redirection error. I dont understand it, because if I var_dump:
>
> /**
> * @Flow\Inject
> * @var \TYPO3\Flow\Security\Context
> */
> protected $securityContext;
>
> public methodAction() {
> var_dump($this->securityContext->getRoles());
> }
>
> I get two roles: Everybody and Anonymous. Please help me.
> _______________________________________________
> FLOW3-general mailing list
> FLOW3-general at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/flow3-general
More information about the FLOW3-general
mailing list