Turn off firewall when developing in early stages with Symfony2?

Question

Following this tutorial i'm developing a web application using symfony authentication/authorization architecture.

After designing the whole structure (routes, pages and security levels) i'm stuck: how can i develop my pages without enter credentials all the time? Is there any way to disable or turn off the entire firewall functionality? Should i use data fixtures?

Answer 1

In your app/config/security.yml file, under the firewalls config option add or modify the dev...

firewalls:
    dev:
        pattern:  ^/
        security: false

Answer 2

The security.firewalls.dev: configuration is used in every Symfony environment (dev,test,prod)!

In Symfony 4, to achieve disabling firewalls for all routes in just dev environment, you could do something like this:

Setup:

config/packages/security.yaml:

parameters:
    # Adds a fallback SECURITY_DEV_PATTERN if the env var is not set.
    env(SECURITY_DEV_PATTERN): '^/(_(profiler|wdt)|css|images|js)/'

security:
    firewalls:
        dev:
            pattern: '%env(SECURITY_DEV_PATTERN)%'
            security: false

Override per Symfony environment:

create a new file config/packages/dev/parameters.yaml:

parameters:
    env(SECURITY_DEV_PATTERN): '^/'

Now all routes are reachable without firewall in Symfony dev environ

Override using environment variables:

You could also override SECURITY_DEV_PATTERN in the .env file:

SECURITY_DEV_PATTERN=^/

This only works if you don't include the .env in your production environment, or if you specifically override the SECURITY_DEV_PATTERN environment variable there as well.