Home/ Questions/Q 637001
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T20:34:34+00:00

i made a apps/frontend/config/security.yml dev: default: is_secure: false prod: default: is_secure: true but it

  • 0

i made a

apps/frontend/config/security.yml

dev:
 default:
  is_secure: false

prod:
 default:
  is_secure: true

but it is not working, am i missing something ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    As steve says, is_secure can’t be configured on a per environment basis.

    My guess is that you are trying to password protect your entire dev environment? I’d suggest that you use .htaccess/.htpasswd protection or equivalent to protect a site in this way.

    If you can’t or for whatever reason want to do it in symfony, you could make symfony accept configuration in this way by creating a custom sfSecurityConfigHandler.class.php

    Config handlers have a method in them called getConfiguration – this is in charge of getting the values set in the various yml files and creating an array of the final values after all over-rides etc have been applied.

    sfSecurityConfigHander.class.php has a getConfiguration like this:

    static public function getConfiguration(array $configFiles)
{
  $config = self::flattenConfiguration(self::parseYamls($configFiles));

  // change all of the keys to lowercase
  $config = array_change_key_case($config);

  return $config;
}

    whilst a configuration that depends on environment, such as sfDatabaseConfigHandler.class.php has one like this:

    static public function getConfiguration(array $configFiles)
{
  $config = self::replaceConstants(self::flattenConfigurationWithEnvironment(self::parseYamls($configFiles)));

  foreach ($config as $name => $dbConfig)
  {
    if (isset($dbConfig['file']))
    {
      $config[$name]['file'] = self::replacePath($dbConfig['file']);
    }
  }

  return $config;
}

    The key difference here is the use of self::flattenConfigurationWithEnvironment over self::flattenConfiguration. I think if you extend sfSecurityConfigHandler with:

    class mySecurityConfigHandler extends sfSecurityConfigHandler {
    static public function getConfiguration(array $configFiles)
    {
      $config = self::flattenConfigurationWithEnvironment(self::parseYamls($configFiles));

      // change all of the keys to lowercase
      $config = array_change_key_case($config);

      return $config;
    }
}

    and then create a config_handlers.yml file in your config telling symfony to use this class:

    modules/*/config/security.yml:
  class:    sfSecurityConfigHandler
  file:     %sf_lib_dir%/path/to/mySecurityConfigHandler

    You should then be able to use the yml as per the question to configure security per environment.

    • 0