I'm rewriting a domain for a Symfony 1.4 project.
My .htaccess
AuthUserFile /var/www/.htpasswd
AuthType Basic
AuthName "GH Auth"
<Files "*">
require valid-user
</Files>
<Files "api.php">
Allow from all
Satisfy any
</Files>
<Files "apc.php">
require user admin
</Files>
<IfModule mod_rewrite.c>
RewriteEngine On
# uncomment the following line, if you are having trouble
# getting no_script_name to work
RewriteBase /
RewriteCond %{HTTP_HOST} ^api\.domain\.org$
RewriteRule ^(.*)$ api.php [QSA,L]
# we skip all files with .something
RewriteCond %{REQUEST_URI} \.(css|js|png|gif|jpg)$
RewriteRule .* - [L]
# we check if the .html version is here (caching)
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
# no, so we redirect to our front web controller
RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>
Going to domain.org/api.php/method correctly allows you to proceed without authentication.
However, going to api.domain.org/method seems to not see the flag, and it still asks for authentication.
Any ideas? Maybe it's time to create two separate vhosts?
Try to go to
apps/api/[your_module], you should see actions folder and template folders, then add a folder namedconfig(if there isn't one) inside your module folder (parallel with actions & template folder), then add a file namedsecurity.ymlinside config folder.Add this following code in security.yml
remember, because you just want to remove authentication process for a module, the security.yml file you've edited config folder should be inside module folder, not in application folder. Because there is also config folder inside application folder.