[Flow] security: firewall - wrong path?
Nicola Cerchiari
nicola.cerchiari at gmail.com
Mon Apr 27 09:57:02 CEST 2015
Hi Andre,
I'm not a big expert but reading your configuration something jumped to my
eyes (maybe a stupid one).
Have you tried to remove the final "/" from the mitglied path, as you have
for login? From what you write it seems to me that you deny access to any
child path of mitglied not to the path you wrote in the beginning of your
mail.
Hope it helps,
Nicola
Il giorno lun 27 apr 2015 alle ore 09:42 Andre Hohmann <
mail at andre-hohmann.net> ha scritto:
>
>
> Good morning,
>
> when I define a path at the my Settings.yaml to deny access to the path
> https://server.andre-hohmann.net/flow/Web/itoop.atc/mitglied like the
> following it doesn't work - I get access. My Settings.yaml looks like
> that:
>
> TYPO3:
> Flow:
> security:
> enable: TRUE
>
> firewall:
> rejectAll: FALSE
>
> filters:
> -
> patternType: 'URI'
> patternValue: '/login.*'
> interceptor: 'AccessGrant'
> -
> patternType: 'URI'
> patternValue: '/mitglied/.*'
> interceptor: 'AccessDeny'
>
> authentication:
>
> providers:
> DefaultProvider:
> provider: PersistedUsernamePasswordProvider
>
> entryPoint: 'WebRedirect'
> entryPointOptions:
> routeValues:
> '@package': 'ITOOP.Atc'
> '@controller': 'Login'
> '@action': 'index'
> session:
> inactivityTimeout: 3600
>
> When I try to deny access to everything with the following, that works:
>
> patternValue: '/.*'
>
> Does anybody know, why the path '/mitglied/.*' seems to be configured
> wrong?
>
> Thank you very much.
> --
>
> Mit freundlichen Grüssen
>
> Andre Hohmann
>
>
>
>
>
> ---------------------------------------------------------------------------------------------
>
> http://www.andre-hohmann.net
>
>
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
> vernichten Sie diese E-Mail. Das unerlaubte Kopieren und die unbefugte
> Weitergabe dieser E-Mail sind nicht gestattet.
>
> _______________________________________________
> Flow mailing list
> Flow at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
More information about the Flow
mailing list