The FOSRestBundle is working perfectly in my project but without authentification. Now, my goal is to make my requests with auth.
To do so, I added this firewall in security.yml
firewalls: # ... rest_api: pattern: ^/api/ stateless: true http_basic: provider: fos_userbundle # ... access_control: # ... - { path: ^/api/, role: IS_AUTHENTICATED_FULLY } To check this, I used this shell command:
curl -i http://localhost/tuto/web/app_dev.php/api/test/1 The result is:
HTTP/1.1 302 Found Date: Fri, 11 Apr 2014 13:56:08 GMT Server: Apache/2.2.22 (Ubuntu) X-Powered-By: PHP/5.4.9-4ubuntu2.4 Set-Cookie: PHPSESSID=4dtr168vmj1eg523a07kbkjkh1; path=/ Cache-Control: no-cache Location: http://localhost/tuto/web/app_dev.php/login Vary: Accept-Language X-Debug-Token: 220df7 Transfer-Encoding: chunked Content-Type: application/json <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="refresh" content="1;url=http://localhost/tuto/web/app_dev.php/login" /> <title>Redirecting to http://localhost/tuto/web/app_dev.php/login</title> </head> <body> Redirecting to <a href="http://localhost/tuto/web/app_dev.php/login">http://localhost/tuto/web/app_dev.php/login</a>. </body> </html> As you can see, the returned code is 302 FOUND since it is URL is redirected to http://localhost/tuto/web/app_dev.php/login as I am using FOSUserBundle.
Now, I want to check if the authenfication is working well. I tried this: curl -i http://localhost/tuto/web/app_dev.php/api/test/1 --user user:password but still I have 302 FOUND.
I tried this also curl -i -H 'Accept:application/json' -H 'Authorization:Basic username:password' http://localhost/tuto/web/app_dev.php/api/test/1 but still I have 302 FOUND.
So is there any proposal of curl command to check the auth in my REST api?
Thanks,
Notice: I have tried solutions in many links like: basic authorization command for curl
