LdapBundle icon indicating copy to clipboard operation
LdapBundle copied to clipboard
verified publisher icon BorisMorel

Make role prefix configurable

Open tverskih opened this issue 12 years ago • 2 comments

Add a possibility to configure role prefix in project

tverskih avatar Oct 11 '13 19:10 tverskih

Currently, I do not merge this.

All roles must begin with the ROLE_ prefix to be managed by Symfony2.
If you define your own roles with a dedicated Role class (more advanced), don't use the ROLE_ prefix.

http://symfony.com/doc/current/book/security.html#roles

BorisMorel avatar Oct 21 '13 09:10 BorisMorel

Here I made another change: roles are always prepended with "ROLE_" prefix but additional sub prefix can be added between prefix and role name.

The purpose is to distinct two types of roles: integrated symfony roles (e.g. ADMIN, USER) and dynamic roles which are sent by LDAP.

Our app has an integrated 'Admin' role and if the role with the same name will be received dynamically the user will be granted with all the rights of the integrated "Admin" role.

tverskih avatar Nov 06 '13 13:11 tverskih