Develop Reference

Can I mark a single URI endpoint as anonymous?

I have read the docs and followed this similar question:
Allow anonymous access to specific URL in symfony firewall protected bundle
Using Symfony 4.1.4 I have tried the following:
access_control:
- { path: ^/rpi/service/application/quote/approve, roles: IS_AUTHENTICATED_ANONYMOUSLY}
- { path: ^/rpi, roles: ROLE_USER }
- { path: ^/erp, roles: ROLE_USER }
However when I access the first URI as anonymous I am prompted by the http_basic_ldap login screen. Any ideas?

You need
anonymous: true
in your firewall, as in the default configuration config/packages/security.yml:
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
in_memory: { memory: ~ }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: true
Anonymous authentication means that the user is authenticated and has a token, but it is an anonymous token.
If you do not have anonymous: true, the AnonymousAuthenticationListener will never run for your firewall, and never create an anonymous token.

Symfony2 Aimeos admin site login gives error

I installed the Aimeos 2016 bundle on Symfony 3.1.2. The /list route works but when I go to /admin and try to log in, I get an error:
Unable to find the controller for path "/admin_check". The route is wrongly configured.
I did not do anything else to the code.
Any help would be appreciated!

Did you've set up Symfony authentication exactly like in the example?
security:
providers:
admin:
memory:
users:
admin: { password: secret, roles: [ 'ROLE_ADMIN' ] }
aimeos_customer:
entity: { class: AimeosShopBundle:User, property: username }
in_memory:
memory: ~
encoders:
Symfony\Component\Security\Core\User\User: plaintext
Aimeos\ShopBundle\Entity\User:
algorithm: sha1
encode_as_base64: false
iterations: 1
firewalls:
aimeos_admin:
pattern: ^/(admin|extadm|jqadm|jsonadm)
anonymous: ~
provider: admin
form_login:
login_path: /admin
check_path: /admin_check
aimeos_myaccount:
pattern: ^/myaccount
provider: aimeos_customer
http_basic:
realm: "MyAccount"
main:
anonymous: ~
access_control:
- { path: ^/(extadm|jqadm|jsonadm), roles: ROLE_ADMIN }
- { path: ^/myaccount, roles: ROLE_USER }
The Symfony security framework is quite picky about the configuration an even minor changes will break it

Redirect anonymous users from restricted areas in Symfony2

I've built a web app using Symfony 2.8 and I've now got to the task of separating the admin area from the front end. I have done that using the following code in the security.yml file:
security:
encoders:
MyApp\Bundle\CoreBundle\Entity\Users:
algorithm: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_BLOCKED
providers:
main:
entity: { class: MyApp\Bundle\CoreBundle\Entity\Users, property: username }
firewalls:
default:
anonymous: ~
secured_area:
pattern: ^/admin
anonymous: ~
access_denied_url: core_login
form_login:
check_path: core_login_check
login_path: core_login
failure_path: core_login
default_target_path: ^/admin/booking/today/
logout:
path: core_logout
target: core_login
access_control:
- { path: ^/admin, roles: 'ROLE_ADMIN' }
- { path: ^/ajax/admin, roles: 'ROLE_ADMIN' }
- { path: ^/ajax/backend, roles: 'ROLE_ADMIN' }
- { path: ^/, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
This is working for me in terms of blocking access to the areas I want. However, if the anonymous user tries to access /admin I get the following message:
Full authentication is required to access this resource.
When I do this in the production environment, I just get the standard 500 error.
What I want to have happen is the user be redirected to the login page. This isn't happening at the moment, so what can I do to acheive this?

Best way to handle single user authentication?

I'm working on a small app with Symfony 2.5, and I'd like to know what is the best way to handle security, but just for only one user. I could do this with an .htaccess but maybe their exists some light and quickly installable sf2 bundle which could do the job. I don't want role stuff, or profile, just a way to authenticate myself.

Symfony2 let's you easily use http authentication. Together with the in_memory provider, you have a perfect solution for your use case.
From the docs:
security:
firewalls:
secured_area:
pattern: ^/
anonymous: ~
http_basic:
realm: "Secured Demo Area"
access_control:
- { path: ^/admin/, roles: ROLE_ADMIN }
# Include the following line to also secure the /admin path itself
# - { path: ^/admin$, roles: ROLE_ADMIN }
providers:
in_memory:
memory:
users:
ryan: { password: ryanpass, roles: 'ROLE_USER' }
admin: { password: kitten, roles: 'ROLE_ADMIN' }
encoders:
Symfony\Component\Security\Core\User\User: plaintext

Why do I seem as not authenticated in Symfony debug profiler?

When I open my home page by http://domain/app_dev.php/ru/ in Symfony debug profiler I have the following info:
Logged in as: admin
Authenticated: No
Token class: UsernamePasswordToken
My security.yml is:
providers:
users:
entity:
class: BWUserBundle:User
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
auth:
pattern: ^/
anonymous: ~
form_login:
login_path: /%locale%/user/sign-in
check_path: user_sign_in_check
success_handler: bw_user.auth_success_handler
logout:
path: user_sign_out
target: home
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }
- { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
Why am I not authenticated after successful login as admin? Help to understand what it means?

You have actually removed the Symfony's default firewall:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
You must declare it to be first firewall in your securty.yml.