security: enable_authenticator_manager: true encoders: App\Entity\User\User: algorithm: auto # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers providers: # used to reload user from session & other features (e.g. switch_user) app_user_provider: entity: class: App\Entity\User\User property: email firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false admin: pattern: ^/(admin|login|logout) lazy: true form_login: login_path: sov_login check_path: sov_login http_basic: ~ entry_point: form_login provider: app_user_provider custom_authenticator: Lc\SovBundle\Authenticator\LoginFormAuthenticator logout: path: sov_logout target: sov_login # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: - { path: ^/admin, roles: [ROLE_ANIMATOR, ROLE_ADMIN, ROLE_SUPER_ADMIN] } role_hierarchy: ROLE_ANIMATOR: [ ROLE_USER ] ROLE_ADMIN: [ ROLE_ANIMATOR ] ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]