(WIP) Updated security/* articles to Symfony 4

Author: javiereguiluz

security/access_control.rst

@@ -33,7 +33,7 @@ Take the following ``access_control`` entries as an example:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
             access_control:
@@ -171,7 +171,7 @@ pattern so that it is only accessible by requests from the local server itself:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
             access_control:
@@ -252,7 +252,7 @@ key:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
             access_control:
@@ -300,7 +300,7 @@ the user will be redirected to ``https``:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
             access_control:

security/access_denied_handler.rst

@@ -38,7 +38,7 @@ configure it under your firewall:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         firewalls:
             # ...
 

security/api_key_authentication.rst

@@ -292,7 +292,7 @@ and ``provider`` keys:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -364,7 +364,7 @@ If you have defined ``access_control``, make sure to add a new entry:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -423,7 +423,7 @@ configuration or set it to ``false``:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 

security/csrf_in_login_form.rst

@@ -59,7 +59,7 @@ use the default provider available in the security component:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -171,7 +171,7 @@ After this, you have protected your login form against CSRF attacks.
 
         .. code-block:: yaml
 
-            # app/config/security.yml
+            # config/packages/security.yaml
             security:
                 # ...
 

security/custom_password_authenticator.rst

@@ -153,7 +153,7 @@ using the ``simple_form`` key:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 

security/custom_provider.rst

@@ -9,7 +9,7 @@ When a user submits a username and password, the authentication layer asks
 the configured user provider to return a user object for a given username.
 Symfony then checks whether the password of this user is correct and generates
 a security token so the user stays authenticated during the current session.
-Out of the box, Symfony has four user providers: ``memory``, ``entity``, 
+Out of the box, Symfony has four user providers: ``memory``, ``entity``,
 ``ldap`` and ``chain``. In this entry you'll see how you can create your
 own user provider, which could be useful if your users are accessed via a
 custom database, a file, or - as shown in this example - a web service.
@@ -185,7 +185,7 @@ to the list of providers in the "security" section. Choose a name for the user p
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -233,7 +233,7 @@ users, e.g. by filling in a login form. You can do this by adding a line to the
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -301,7 +301,7 @@ is compared to the hashed password returned by your ``getPassword()`` method.
 
         .. code-block:: yaml
 
-            # app/config/security.yml
+            # config/packages/security.yaml
             security:
                 # ...
 

security/firewall_restriction.rst

@@ -5,25 +5,25 @@ How to Restrict Firewalls to a Specific Request
 ===============================================
 
 When using the Security component, you can create firewalls that match certain request options.
-In most cases, matching against the URL is sufficient, but in special cases you can further 
+In most cases, matching against the URL is sufficient, but in special cases you can further
 restrict the initialization of a firewall against other options of the request.
 
 .. note::
 
-    You can use any of these restrictions individually or mix them together to get 
-    your desired firewall configuration. 
+    You can use any of these restrictions individually or mix them together to get
+    your desired firewall configuration.
 
 Restricting by Pattern
 ----------------------
 
-This is the default restriction and restricts a firewall to only be initialized if the request URL 
-matches the configured ``pattern``. 
+This is the default restriction and restricts a firewall to only be initialized if the request URL
+matches the configured ``pattern``.
 
 .. configuration-block::
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
 
         # ...
         security:
@@ -64,23 +64,23 @@ matches the configured ``pattern``.
             ),
         ));
 
-The ``pattern`` is a regular expression. In this example, the firewall will only be 
+The ``pattern`` is a regular expression. In this example, the firewall will only be
 activated if the URL starts (due to the ``^`` regex character) with ``/admin``. If
-the URL does not match this pattern, the firewall will not be activated and subsequent 
+the URL does not match this pattern, the firewall will not be activated and subsequent
 firewalls will have the opportunity to be matched for this request.
 
 Restricting by Host
 -------------------
 
-If matching against the ``pattern`` only is not enough, the request can also be matched against 
-``host``. When the configuration option ``host`` is set, the firewall will be restricted to 
+If matching against the ``pattern`` only is not enough, the request can also be matched against
+``host``. When the configuration option ``host`` is set, the firewall will be restricted to
 only initialize if the host from the request matches against the configuration.
 
 .. configuration-block::
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
 
         # ...
         security:
@@ -138,7 +138,7 @@ the provided HTTP methods.
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
 
         # ...
         security:

security/force_https.rst

@@ -13,7 +13,7 @@ to use HTTPS then you could use the following configuration:
 
         .. code-block:: yaml
 
-            # app/config/security.yml
+            # config/packages/security.yaml
             security:
                 # ...
 
@@ -61,7 +61,7 @@ role:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 

security/form_login.rst

@@ -42,7 +42,7 @@ a relative/absolute URL or a Symfony route name:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -99,7 +99,7 @@ previously requested URL and always redirect to the default page:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -198,7 +198,7 @@ parameter is included in the request, you may use the value of the
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -264,7 +264,7 @@ option to define a new target via a relative/absolute URL or a Symfony route nam
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -351,7 +351,7 @@ redirects can be customized using the  ``target_path_parameter`` and
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 

security/form_login_setup.rst

@@ -18,7 +18,7 @@ First, enable form login under your firewall:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -300,7 +300,7 @@ all URLs (including the ``/login`` URL), will cause a redirect loop:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
 
         # ...
         access_control:
@@ -338,7 +338,7 @@ fixes the problem:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
 
         # ...
         access_control:

security/guard_authentication.rst

@@ -260,7 +260,7 @@ Finally, configure your ``firewalls`` key in ``security.yml`` to use this authen
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 

security/impersonating_user.rst

@@ -23,7 +23,7 @@ firewall listener:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -129,7 +129,7 @@ setting:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 

security/json_login_setup.rst

@@ -11,7 +11,7 @@ First, enable the JSON login under your firewall:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -151,7 +151,7 @@ The security configuration should be:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 

security/ldap.rst

@@ -127,7 +127,7 @@ use the ``ldap`` user provider.
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -326,7 +326,7 @@ Configuration example for form login
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -380,7 +380,7 @@ Configuration example for HTTP Basic
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 
@@ -433,7 +433,7 @@ Configuration example for form login and query_string
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
 

security/multiple_guard_authenticators.rst

@@ -22,7 +22,7 @@ This is how your security configuration can look in action:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
              # ...
             firewalls:
@@ -93,7 +93,7 @@ the solution is to split the configuration into two separate firewalls:
 
     .. code-block:: yaml
 
-        # app/config/security.yml
+        # config/packages/security.yaml
         security:
             # ...
             firewalls: