Skip to content

Commit

Permalink
[Actions] use new security config - related to pimcore/pimcore#13367
Browse files Browse the repository at this point in the history
  • Loading branch information
dvesh3 committed Oct 14, 2022
1 parent 6d1f6ac commit 426acb9
Showing 1 changed file with 14 additions and 11 deletions.
25 changes: 14 additions & 11 deletions .github/ci/files/config/packages/security.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
security:
enable_authenticator_manager: true

providers:
pimcore_admin:
id: Pimcore\Bundle\AdminBundle\Security\User\UserProvider
Expand All @@ -16,20 +18,21 @@ security:

# Pimcore admin form login // DO NOT CHANGE!
pimcore_admin:
anonymous: ~
pattern: ^/admin(/.*)?$
# admin firewall is stateless as we open the admin
# session on demand for non-blocking parallel requests
stateless: true
provider: pimcore_admin
login_throttling:
max_attempts: 3
interval: '5 minutes'
logout:
path: /admin/logout
target: /admin/login
success_handler: Pimcore\Bundle\AdminBundle\Security\LogoutSuccessHandler
guard:
entry_point: Pimcore\Bundle\AdminBundle\Security\Guard\AdminAuthenticator
authenticators:
- Pimcore\Bundle\AdminBundle\Security\Guard\AdminAuthenticator
path: pimcore_admin_logout
target: pimcore_admin_login
custom_authenticators:
- Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminLoginAuthenticator
- Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminTokenAuthenticator
- Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminSessionAuthenticator
two_factor:
auth_form_path: /admin/login/2fa # Path or route name of the two-factor form
check_path: /admin/login/2fa-verify # Path or route name of the two-factor code check
Expand All @@ -42,11 +45,11 @@ security:

access_control:
# Pimcore admin ACl // DO NOT CHANGE!
- { path: ^/admin/settings/display-custom-logo, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/settings/display-custom-logo, roles: PUBLIC_ACCESS }
- { path: ^/admin/login/2fa-verify, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS}
- { path: ^/admin/login/2fa, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS}
- { path: ^/admin/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/login/(login|lostpassword|deeplink|csrf-token)$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/login$, roles: PUBLIC_ACCESS }
- { path: ^/admin/login/(login|lostpassword|deeplink|csrf-token)$, roles: PUBLIC_ACCESS }
- { path: ^/admin, roles: ROLE_PIMCORE_USER }

role_hierarchy:
Expand Down

0 comments on commit 426acb9

Please sign in to comment.