8000 [SecurityBundle] [4.2.4] cannot set security via environment variable · Issue #30637 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content
[SecurityBundle] [4.2.4] cannot set security via environment variable #30637
New issue
New issue
Closed
Closed
[SecurityBundle] [4.2.4] cannot set security via environment variable#30637
Labels
FeatureSecurity
@farazive

Description

@farazive
farazive
opened on Mar 22, 2019

Symfony version(s) affected: 4.2.4

Description
In security.yaml, trying to set the security of a firewall from an env does not work.

How to reproduce

  1. Have a .env file as below:
SECURITY_ENABLED=0
  1. Now go to config/packages/security.yaml, have it as below:
parameters:
    security_enabled: '%env(bool:SECURITY_ENABLED)%'

security:
    ...
    firewalls:
        secured_area:
            security: '%security_enabled%'
            pattern: ^/
  1. Now run the command
 bin/console debug:config SecurityBundle

and you get the bug

In BooleanNode.php line 29:
                                                                                                                     
  Invalid type for path "security.firewalls.secured_area.security". Expected boolean, but got string.

I have tried the following .env values

SECURITY_ENABLED=
# OR 
SECURITY_ENABLED=0
# OR
SECURITY_ENABLED=false
# OR
SECURITY_ENABLED='false'

None of the above work. The cache clears though, and when accessing a route, the system behaves as if security is turned on. Substituting security: '%security_enabled%' with security: false works correctly and security is disabled.

41DB

Metadata

Metadata

Assignees

No one assigned

    Labels

    FeatureSecurity

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0