symfony2 access control on assets

Question

For some reason ( AngularJS top secret js files ) I need to put behind a firewall my resources. But I don't know how to setup that the symfony way. I already tried to set a access_control on /web/myresources.js but the kernel does not handle it.

I'd like to do something like this :

- { path: ^/assets/admin/, role: ROLE_ADMIN }

To protect, for example : "/assets/admin/js/app.js".

Any ideas ? Thank you.

EDIT : I created a bundle to achieve that. It is not documented yet, but here is the repo :

https://github.com/NathanVss/resources-firewall-bundle

score 0 · Answer 1 · edited Jun 20 '20 at 09:12

0

Symfony firewall can only work on URIs managed by Symfony. Assets are static files and are not routed through Symfony.

Use web server config to protect such routes. For instance, by protecting directory index listings in Apache:

Create a .htaccess file with the following:
Options -Indexes

Or by disabling autoindex in nginx:

Syntax:  autoindex on | off;
Default: autoindex off;
Context: http, server, location
Enables or disables the directory listing output.

edited Jun 20 '20 at 09:12

Community

1
1

answered Feb 08 '16 at 13:31

Wouter J

41,455
15
107
112

Thank you for your reply, it is good to know :) I edited my question :) – NathanVss Feb 09 '16 at 21:13

symfony2 access control on assets

1 Answers1