[FLOW3-general] How to secure a controller?

Andreas Förthner andreas.foerthner at netlogix.de
Mon Jan 28 10:06:27 CET 2013 

Hi Axel,

what happens if you call a protected error? Do you get an "Access Denied"-Exception? Have you configured an authentication entry point, which would do the redirect to the login controller?

Greets Andi

Von: Qbus | Axel Wüstemann <awu at qbus.de<mailto:awu at qbus.de>>
Organisation: Qbus Werbeagentur GmbH
Antworten an: "awu at qbus.de<mailto:awu at qbus.de>" <awu at qbus.de<mailto:awu at qbus.de>>, General discussion about FLOW3 <flow3-general at lists.typo3.org<mailto:flow3-general at lists.typo3.org>>
Datum: Sonntag, 27. Januar 2013 14:58
An: General discussion about FLOW3 <flow3-general at lists.typo3.org<mailto:flow3-general at lists.typo3.org>>
Betreff: Re: [FLOW3-general] How to secure a controller?

Because I'm working on a learning project, I did not have time to bring
the things further. Now I tried again, but it does not work.

Remember: I want a simple login to an application, which functions are
completely behind the login. So I need a rool, to protect all
controllers but not the LoginControllers.

I now tried the following. According to
http://www.php-resource.de/tutorials/tutorial,10,Regulaere-Ausdruecke.htm

"(?<!Text1)text2" meens "contains text2, if text 1 not occures".

So this should properly mean "all Controllers wich not start with
'Login' and all actions wich not start with 'initialize'".

As I said, it does not work, no redirect to the LoginController occures,
if I call the StandardController.

resources:
   entities: []
   methods:
     SecuredArea:
'method(QBUS\BestDesQ\Controller\(?<!Login)Controller->(?<!initialize).*Action())'

roles:
   Administrator: []

acls:
   Administrator:
     methods:
       SecuredArea: GRANT

It would be great, if someone could assis me further to get this tu run.

Regards
Axel

Dipl.-Inf. Andreas Förthner
Leiter Web-Entwicklung

Telefon: +49 (911) 539909 - 0
E-Mail: andreas.foerthner at netlogix.de
Website: media.netlogix.de<http://media.netlogix.de>

--
netlogix GmbH & Co. KG
IT-Services | IT-Training | Media
Andernacher Straße 53 | 90411 Nürnberg
Telefon: +49 (911) 539909 - 0 | Fax: +49 (911) 539909 - 99
E-Mail: info at netlogix.de<mailto:info at netlogix.de> | Internet: www.netlogix.de<http://www.netlogix.de/>

netlogix GmbH & Co. KG ist eingetragen am Amtsgericht Nürnberg (HRA 13338)
Persönlich haftende Gesellschafterin: netlogix Verwaltungs GmbH (HRB 20634)
Umsatzsteuer-Identifikationsnummer: DE 233472254
Geschäftsführer: Stefan Buchta, Matthias Schmidt

_______________________________________________
FLOW3-general mailing list
FLOW3-general at lists.typo3.org<mailto:FLOW3-general at lists.typo3.org>
http://lists.typo3.org/cgi-bin/mailman/listinfo/flow3-general

More information about the Flow mailing list