I have a Symfony application with 2 areas, one for clients accessing from a web page an other for API calls from AJAX and web services.
Each one of this areas is protected with a firewall on its own. The WEB interface is authenticated with a log in form and the API with http_basic
.
Both firewalls work fine, but when the WEB interface makes an AJAX call to the API interface, then the browser prompts the user to log in again, even when he was already logged in (via log in form). This is what I want to avoid. I Would like that both firewalls were authenticated at the same time to prevent this prompt.
I've seen another question with exactly the same problem. But they are using http_basic
authentication on both firewalls, so, the solution proposed did't work on my case:
Authenticate multiple symfony2 firewalls with one login form
My security.yml
#....
firewalls:
api:
pattern: ^/API
context: primary_auth
stateless: true
http_basic:
realm: "API: Please log in"
web:
pattern: ^/
context: primary_auth
form_login:
check_path: /login_check
login_path: /login
provider: fos_userbundle
logout:
path: /logout
target: /
anonymous: ~