Exclude public pages from access control list

Question

I have application in Symfony2 with 2 roles: ROLE_ADMIN and ROLE_PARTNER. Also I have some public pages. All public pages starts with URL "/public/". I want to protect all application excluded these public items.

My current config:

access_control:
    - { path: /.*, role: ROLE_PARTNER|ROLE_ADMIN }
    - { path: /public/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }

But it works wrong (looping redirection).

Answer 1

Change the order:

access_control:
    - { path: ^/public/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, role: ROLE_PARTNER|ROLE_ADMIN }

The second option is to turn off security for the public section completely:

firewalls:
    public:
        pattern: ^/public/
        security: false