Symfony Security Cookbook: Difference between revisions
(Created page with "Category:Symfony Category:IIS Category:Web Development == Windows authentication and IIS == This wouldn't be an issue in most cases because there are probably nex...") |
No edit summary |
||
| Line 18: | Line 18: | ||
* '''Forms Authentication''': disabled | * '''Forms Authentication''': disabled | ||
* '''Windows Authentication''': disabled | * '''Windows Authentication''': disabled | ||
== Logging out == | |||
`<nowiki>http://logout@dev-server.com/</nowiki>` | |||
Revision as of 19:28, 3 March 2015
Windows authentication and IIS
This wouldn't be an issue in most cases because there are probably next to no production IIS servers running Symfony apps.
Windows authentication can be used to limit access to development sites, but it is not compatible with Symfony's unit tests. No solutions were obvious for passing along the Windows authentication to a request made in a unit test.
Symfony security and IIS
Just in case Windows authentication was in use on a development site, it's necessary to disable it when using Symfony's security strategies.
A symptom of this is that different browsers will exhibit different behavior when logging in. Some (Firefox) will authenticate successfully, while others will attempt inappropriate authentication methods first, which will fail.
IIS Manager > [web server] > [symfony_site] > IIS > Authenication
- Anonymous Authentication: enabled
- ASP.NET Impersonation: disabled
- Forms Authentication: disabled
- Windows Authentication: disabled
Logging out
`http://logout@dev-server.com/`