6

I am new to Symfony and I am trying out different examples shown in Symfony. However, I get the following error with my security.yml file

InvalidConfigurationException in SecurityExtension.php line 430: No authentication listener registered for firewall "secured_area".

My security.yml file looks like this

security:
    providers:
        in_memory:
            memory:
              users:
                foo:
                  password: $2a$12$2nJYjp5DxX0o.ZgGL8ybEOG/MepViC08G1HKVFpjb0BoTDiZd9bCq
                  roles: ROLE_ADMIN

    firewalls:
        secured_area:
            logout:
                path: /logout
                target: /example

        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false


        default:
            anonymous: ~
            http_basic: ~


    access_control:
        - { path: ^/administer, roles: ROLE_ADMIN }

    encoders:
        Symfony\Component\Security\Core\User\User:
            algorithm: bcrypt
            cost: 12
user2340612
  • 10,053
  • 4
  • 41
  • 66
Isaac Bhasme
  • 146
  • 1
  • 9

2 Answers2

6

Each firewalls key must have defined one or more authentication provider (anonymous, form_login etc.) unless it contains security: false. Your secured_area has registered nothing (logout is not for authentication). Deleting secured_area or moving logout under default key should solve the problem. Right solution depends on what you are trying to achieve.

firewalls:
    dev:
        pattern: ^/(_(profiler|wdt|error)|css|images|js)/
        security: false


    default:
        anonymous: ~
        http_basic: ~

A "little bit" similar problem security.yml causes InvalidArgumentException: "You must at least add one authentication provider".

Community
  • 1
  • 1
kba
  • 4,190
  • 2
  • 15
  • 24
  • 3
    I'm hitting exactly the same problem. The OP copied his example directly from the Symfony book (as did I). Deleting it solves the problem in that it no longer shows an error. But it also fails to demonstrate the logout method that the book is trying to show. Is there a solution that will actually make the logout feature work? – MikeMayer67 Sep 21 '15 at 15:30
  • It is not a case. I believe `logout` provider was not designated to working with basic authentication. You can use it in conjuction with `form_login` under the same key etc. `default`. – kba Sep 21 '15 at 19:32
  • 1
    I also am following the symfony tutorials and it does not logout at least while using the basic authentication that it was teaching me thus far. Are you saying this logout feature won't work until I use it with form_login or maybe with the database method?? – Joseph Astrahan Jan 04 '16 at 00:04
  • 1
    Yes. I found additional reading for you [http://stackoverflow.com/questions/29228936/logout-from-http-basic-auth-in-symfony2](http://stackoverflow.com/questions/29228936/logout-from-http-basic-auth-in-symfony2), [https://adayinthelifeof.nl/2014/10/06/symfony2-logging-out/](https://adayinthelifeof.nl/2014/10/06/symfony2-logging-out/). – kba Jan 04 '16 at 08:35
0

You need to delete secured_area, then move your logout bloc to default

For exemple : #config/packages/security.yaml

Next, you’ll need to create a route for this URL (but not a controller):

At config/routes.yaml

logout:
    path: /logout
khalil brf
  • 1
  • 1