1

I'm building a closed website which has a landing page for everyone.

I'm using ZfcUser and BjyAuthorize. Everything works now but I wonder how I can exclude my Application's Application\Controller\Index::index action.

In my module.bjyauthorize.global.php I told my action to require no authentication:

'BjyAuthorize\Guard\Controller' => array(
    array(
        'controller' => 'Application\Controller\Index',
        'action' => 'index',
        'roles' => array()
    ),
    // ...

But still I get forwarded to the ZFCUser login page.

Any idea what I'm missing?

Edit:

I tried it with the guest role but no luck so far:

 'default_role'          => 'guest',
 'BjyAuthorize\Provider\Role\Config' => array(
     'guest' => array(),
     'user'  => array(
         'children' => array(
             'admin' => array(),
         ),
     ),
 ),
Ocramius
  • 25,171
  • 7
  • 103
  • 107
Ron
  • 22,128
  • 31
  • 108
  • 206
  • Define default role `guest` - make landing page require only `guest` – Sam Mar 13 '13 at 09:27
  • i updated my post. I tried it adding `guest` to my role array but i still get forwarded... maybe ZFCUser is interfering? – Ron Mar 13 '13 at 09:35

1 Answers1

3

NOTE: valid in BjyAuthorize 1.2.*

You have to allow the guest user to access the index page:

'BjyAuthorize\Guard\Controller' => array(
    array(
        'controller' => 'Application\Controller\Index',
        'action' => 'index',
        'roles' => array('guest', 'user')
    ),
    // ...

What you defined in your question is a deny-all instead.

Since BjyAuthorize's controller guard configuration acts as a whitelist, there is no way to allow access to all roles at once right now.

Ocramius
  • 25,171
  • 7
  • 103
  • 107