chamilo-lms/app/config/security.yml

# To get started with security, check out the documentation:
# http://symfony.com/doc/current/book/security.html
security:
    access_control:
        - { path: ^/efconnect, role: ROLE_USER }
        - { path: ^/elfinder, role: ROLE_USER }

    encoders:
       FOS\UserBundle\Model\UserInterface:
           id: chamilo_user.security.encoder

    role_hierarchy:
        ROLE_SONATA_ADMIN: ROLE_USER
        ROLE_ADMIN:
            - ROLE_SONATA_ADMIN
            - ROLE_QUESTION_MANAGER
            - ROLE_SESSION_MANAGER
            - ROLE_TEACHER
            - ROLE_DIRECTOR
            - ROLE_JURY_PRESIDENT
            - ROLE_CURRENT_COURSE_TEACHER
            - SONATA
        ROLE_SUPER_ADMIN: [ROLE_SONATA_ADMIN, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

        ROLE_GLOBAL_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
        ROLE_RRHH: [ROLE_TEACHER]
        ROLE_TEACHER: [ROLE_STUDENT]
        ROLE_QUESTION_MANAGER: [ROLE_STUDENT, ROLE_QUESTION_MANAGER]
        ROLE_SESSION_MANAGER: [ROLE_STUDENT, ROLE_SESSION_MANAGER, ROLE_ALLOWED_TO_SWITCH]
        ROLE_STUDENT: [ROLE_STUDENT]
        ROLE_CURRENT_TEACHER: []
        ROLE_CURRENT_COURSE_STUDENT: [ROLE_CURRENT_COURSE_STUDENT]
        ROLE_CURRENT_COURSE_TEACHER: [ROLE_CURRENT_COURSE_TEACHER, ROLE_CURRENT_COURSE_STUDENT]

        SONATA:
            - ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are not using acl then this line must be uncommented
            - ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT


        ROLE_ANONYMOUS: [ROLE_ANONYMOUS]

    access_decision_manager:
        # strategy can be: affirmative, unanimous or consensus
        strategy: unanimous

    # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        fos_userbundle:
            id: fos_user.user_manager

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern: .*
            context: user
            form_login:
                provider: fos_userbundle
                login_path:     /login
                use_forward:    false
                check_path:     /login_check
                failure_path:   null
                default_target_path: /
#                success_handler: chamilo_core.listener.login_success_handler
            logout:
                path:   /logout
                target: /
#                success_handler: chamilo_core.listener.logout_success_handler
                invalidate_session: false
#                handlers: ['sonata.page.cms_manager_selector']
            anonymous: ~
            switch_user: true
            # activate different ways to authenticate

            # http_basic: ~
            # http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate

            # form_login: ~
            # http://symfony.com/doc/current/cookbook/security/form_login_setup.html
Add symfony2 files 9 years ago			`# To get started with security, check out the documentation:`
			`# http://symfony.com/doc/current/book/security.html`
			`security:`
			`access_control:`
			`- { path: ^/efconnect, role: ROLE_USER }`
			`- { path: ^/elfinder, role: ROLE_USER }`

			`encoders:`
			`FOS\UserBundle\Model\UserInterface:`
			`id: chamilo_user.security.encoder`

			`role_hierarchy:`
			`ROLE_SONATA_ADMIN: ROLE_USER`
			`ROLE_ADMIN:`
			`- ROLE_SONATA_ADMIN`
			`- ROLE_QUESTION_MANAGER`
			`- ROLE_SESSION_MANAGER`
			`- ROLE_TEACHER`
			`- ROLE_DIRECTOR`
			`- ROLE_JURY_PRESIDENT`
			`- ROLE_CURRENT_COURSE_TEACHER`
			`- SONATA`
			`ROLE_SUPER_ADMIN: [ROLE_SONATA_ADMIN, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]`

			`ROLE_GLOBAL_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]`
			`ROLE_RRHH: [ROLE_TEACHER]`
			`ROLE_TEACHER: [ROLE_STUDENT]`
			`ROLE_QUESTION_MANAGER: [ROLE_STUDENT, ROLE_QUESTION_MANAGER]`
			`ROLE_SESSION_MANAGER: [ROLE_STUDENT, ROLE_SESSION_MANAGER, ROLE_ALLOWED_TO_SWITCH]`
			`ROLE_STUDENT: [ROLE_STUDENT]`
			`ROLE_CURRENT_TEACHER: []`
			`ROLE_CURRENT_COURSE_STUDENT: [ROLE_CURRENT_COURSE_STUDENT]`
			`ROLE_CURRENT_COURSE_TEACHER: [ROLE_CURRENT_COURSE_TEACHER, ROLE_CURRENT_COURSE_STUDENT]`

			`SONATA:`
			`- ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are not using acl then this line must be uncommented`
			`- ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT`


			`ROLE_ANONYMOUS: [ROLE_ANONYMOUS]`

			`access_decision_manager:`
			`# strategy can be: affirmative, unanimous or consensus`
			`strategy: unanimous`

			`# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers`
			`providers:`
			`fos_userbundle:`
			`id: fos_user.user_manager`

			`firewalls:`
			`# disables authentication for assets and the profiler, adapt it according to your needs`
			`dev:`
			`pattern: ^/(_(profiler\|wdt)\|css\|images\|js)/`
			`security: false`

			`main:`
			`pattern: .*`
			`context: user`
			`form_login:`
			`provider: fos_userbundle`
			`login_path: /login`
			`use_forward: false`
			`check_path: /login_check`
			`failure_path: null`
			`default_target_path: /`
			`# success_handler: chamilo_core.listener.login_success_handler`
			`logout:`
			`path: /logout`
			`target: /`
			`# success_handler: chamilo_core.listener.logout_success_handler`
			`invalidate_session: false`
			`# handlers: ['sonata.page.cms_manager_selector']`
			`anonymous: ~`
			`switch_user: true`
			`# activate different ways to authenticate`

			`# http_basic: ~`
			`# http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate`

			`# form_login: ~`
			`# http://symfony.com/doc/current/cookbook/security/form_login_setup.html`