In my Symfony2 app I have a firewall set up so that everything under the /admin route needs to be run through https; however, when deployed I get a redirect loop. I've read the documentation on the Symfony2 site on firewalls, and setting up a login form. I've also read a few Stack Overflow articles and attempted their solutions, but nothing so far.
Below is my configuration. Is there something I'm missing?
(As far as I know the server is running Apache, I've no direct access to server configuration from my hosting provider)

    access_control:
        # require ROLE_ADMIN for /admin*
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        - { path: ^/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        - { path: ^/admin*, roles: ROLE_ADMIN, requires_channel: https }

Based on your own answer, it seems your website is behind a Load Balancer or a Reverse Proxy (since you need to check on the HTTP_X_FORWARDED_PROTO server variable, which is normally empty).
Your hosting provider may have put such a setup in place without your explicit knowledge. By default, Symfony ignores the X-Forwarded-Proto and X-Forwarded-For headers, unless you add the proxy to a whitelist in your app/config/config.yml file:

    framework:
        trusted_proxies: [127.0.0.1, ::1]

Where 127.0.0.1 and ::1 should be replaced by the actual proxy/proxies that your hosting provider uses (they should be able to tell you that).
Doing that should make it work without hacking the app.php file.
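
The behaviour described in the answer above, as a small Python model added here as an example (it is not Symfony's code and not part of the original post): the app honours X-Forwarded-Proto only from a trusted peer, so an unlisted TLS-terminating proxy makes every request look like plain HTTP and the HTTPS redirect never ends. The function names and the addresses 10.0.0.5 and 203.0.113.9 are constructed for illustration.

```python
import ipaddress

def is_trusted(remote_addr, trusted_proxies):
    """True if the directly connected peer is on the trusted-proxy list."""
    peer = ipaddress.ip_address(remote_addr)
    return any(peer in ipaddress.ip_network(p, strict=False)
               for p in trusted_proxies)

def effective_scheme(remote_addr, headers, trusted_proxies):
    """Scheme the app believes the client used.

    The proxy terminates TLS, so the hop that reaches the app is plain HTTP.
    X-Forwarded-Proto is honoured only when the peer is a trusted proxy,
    because any direct client can send that header itself.
    """
    if is_trusted(remote_addr, trusted_proxies):
        proto = headers.get("X-Forwarded-Proto", "").lower()
        if proto in ("http", "https"):
            return proto
    return "http"

def handle(path, remote_addr, headers, trusted_proxies):
    """Model of `requires_channel: https` on /admin: redirect unless HTTPS."""
    scheme = effective_scheme(remote_addr, headers, trusted_proxies)
    if path.startswith("/admin") and scheme != "https":
        return 301
    return 200

def redirects_until_ok(path, proxy_ip, trusted_proxies, max_hops=5):
    """Redirect count before a 200, or None if the client is stuck in a loop."""
    for hop in range(max_hops):
        # Browser is already on https://; the proxy forwards and says so.
        status = handle(path, proxy_ip, {"X-Forwarded-Proto": "https"},
                        trusted_proxies)
        if status == 200:
            return hop
    return None

PROXY = "10.0.0.5"        # constructed address of the provider's proxy
if __name__ == "__main__":
    print(redirects_until_ok("/admin", PROXY, ["127.0.0.1", "::1"]))  # loop
    print(redirects_until_ok("/admin", PROXY, [PROXY]))               # fixed
```

The same trust check is why the list should name only the provider's proxies: a header sent by any other peer is ignored rather than believed.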