security:
    providers:
        db_provider:
            entity:
                class: AppBundle:User
                property: username

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            light_saml_sp:
                provider: db_provider       # user provider name configured in step 9
                user_creator: user_creator  # name of the user creator service created in step 10
                login_path: /saml/login
                check_path: /saml/login_check
            logout:
                path: /logout
            anonymous: ~

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER

    access_control:
        - { path: ^/secure, roles: ROLE_USER }