[Flow] security: firewall - wrong path?
Steffen Wickham
steffen at gaming-inc.de
Mon Apr 27 10:18:38 CEST 2015
Good morning guys,
just a rough guess, as I'd never used filter before because I'm using
Policy.yaml to configure the accessability, but it should interfere with
you non standard setup of your virtual host. So I suggest to setup your
Webserver correctly (DocumentRoot set to your flow/Web directory) and
try it again. Just for testing purposes try to set yout patternValue for
"mitglied" to "/flow/Web/mitglied/.*".
All the best
Steffen
Am 27.04.15 um 10:12 schrieb Andre Hohmann:
>
>
> Good morning Nicola,
>
> yes, I tried that, too, with the same result. And yes, I want to deny
> any child path of mitglied...if you try
> https://server.andre-hohmann.net/flow/Web/itoop.atc/mitglied/index it
> doesn´t work, too.
>
> ---
>
> Mit freundlichen Grüssen
>
> Andre Hohmann
>
> Am 2015-04-27 09:57, schrieb Nicola Cerchiari:
>
>> Hi Andre,
>> I'm not a big expert but reading your configuration something jumped to my
>> eyes (maybe a stupid one).
>> Have you tried to remove the final "/" from the mitglied path, as you have
>> for login? From what you write it seems to me that you deny access to any
>> child path of mitglied not to the path you wrote in the beginning of your
>> mail.
>>
>> Hope it helps,
>> Nicola
>>
>> Il giorno lun 27 apr 2015 alle ore 09:42 Andre Hohmann <
>> mail at andre-hohmann.net> ha scritto:
>>
>>> Good morning, when I define a path at the my Settings.yaml to deny access to the path https://server.andre-hohmann.net/flow/Web/itoop.atc/mitglied [1] like the following it doesn't work - I get access. My Settings.yaml looks like that: TYPO3: Flow: security: enable: TRUE firewall: rejectAll: FALSE filters: - patternType: 'URI' patternValue: '/login.*' interceptor: 'AccessGrant' - patternType: 'URI' patternValue: '/mitglied/.*' interceptor: 'AccessDeny' authentication: providers: DefaultProvider: provider: PersistedUsernamePasswordProvider entryPoint: 'WebRedirect' entryPointOptions: routeValues: '@package': 'ITOOP.Atc' '@controller': 'Login' '@action': 'index' session: inactivityTimeout: 3600 When I try to deny access to everything with the following, that works: patternValue: '/.*' Does anybody know, why the path '/mitglied/.*' seems to be configured wrong? Thank you very much. -- Mit freundlichen Grüssen Andre Hohmann
> --------------------------------------------------------------------------------------------- http://www.andre-hohmann.net [2] Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren und die unbefugte Weitergabe dieser E-Mail sind nicht gestattet. _______________________________________________ Flow mailing list Flow at lists.typo3.org http://lists.typo3.org/cgi-bin/mailman/listinfo/flow [3]
>> _______________________________________________
>> Flow mailing list
>> Flow at lists.typo3.org
>> http://lists.typo3.org/cgi-bin/mailman/listinfo/flow [3]
>
>
> Links:
> ------
> [1] https://server.andre-hohmann.net/flow/Web/itoop.atc/mitglied
> [2] http://www.andre-hohmann.net
> [3] http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
>
>
>
> ---------------------------------------------------------------------------------------------
>
> http://www.andre-hohmann.net
>
>
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren und die unbefugte Weitergabe dieser E-Mail sind nicht gestattet.
>
> _______________________________________________
> Flow mailing list
> Flow at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
More information about the Flow
mailing list