I have a Symfony2 website and domain with ssl. Every time I try to login or logout Symfony redirects me from http to https. I know that login should have secure connection, but right now I need to force Symfony not to use ssl. How can I do it?
1 Answer
Symfony2 configuration
Via app/config/security.yml file
There you have probably set the requires_channel property to https.
access_control:
- path: ^/login
roles: IS_AUTHENTICATED_ANONYMOUSLY
requires_channel: https
So to not force the use of https, just remove this property.
Have a look at the doc about forcing https or http with the security config.
Via routing files
In routing files, you can force http or https with the schemes property.
secure:
path: /secure
defaults: { _controller: AcmeDemoBundle:Main:secure }
schemes: [https]
So again, to not force the use of https, just remove that property.
Have a look at the doc about forcing https or http with the routing component.
Apache configuration
It is also possible to force https via .htaccessfiles with the rewrite module.
If the two previous ways didn't work, check your .htacess files for rewrite rules/conditions.
3 Comments
JayKey
I don't have any requires_channel or schemes set. Does Symfony2 redirect login action to https if avalible? Or is it somwhere else set that when I try to login/logout I'm redirected to https (DNS or something)? This redirection occures only on login/logout
Fidan Hakaj
It's also possible to force https with .htaccess files. Check your .htaccess file(s). There is a post on SO about that stackoverflow.com/questions/10703206/…
JayKey
ok, I found out that nginx config had something that forced ssl, when I turned that off everything works great, and your answer is the thing that I'll need to set https on certain things only. Thanks :)