diff --git a/config/module.config.php b/config/module.config.php
index 6417843a7c7e2f690b67c899390f1377280ebd0c..d221922157e3da7651f2b43ab89601e52ebdfbe1 100644
--- a/config/module.config.php
+++ b/config/module.config.php
@@ -58,9 +58,60 @@ $zfcuserSettings = array(
100 => 'UnicaenAuth\Authentication\Adapter\Cas', // ensuite (si échec d'authentification Db)
),
);
+$bjyauthorize = array(
+ /* this module uses a meta-role that inherits from any roles that should
+ * be applied to the active user. the identity provider tells us which
+ * roles the "identity role" should inherit from.
+ *
+ * for ZfcUser, this will be your default identity provider
+ */
+ 'identity_provider' => 'UnicaenAuth\Provider\Identity\LdapPeople',
+
+ /* role providers simply provide a list of roles that should be inserted
+ * into the Zend\Acl instance. the module comes with two providers, one
+ * to specify roles in a config file and one to load roles using a
+ * Zend\Db adapter.
+ */
+ 'role_providers' => array(
+ /* here, 'guest' and 'user are defined as top-level roles, with
+ * 'admin' inheriting from user
+ */
+ 'BjyAuthorize\Provider\Role\Config' => array(
+ 'guest' => array(), // rôle par défaut
+// 'user' => array('children' => array(
+// 'admin' => array(),
+// )),
+ ),
+ ),
+
+ // strategy service name for the strategy listener to be used when permission-related errors are detected
+ 'unauthorized_strategy' => 'BjyAuthorize\View\RedirectionStrategy',
+
+ /* Currently, only controller and route guards exist
+ */
+ 'guards' => array(
+ /* If this guard is specified here (i.e. it is enabled), it will block
+ * access to all controllers and actions unless they are specified here.
+ * You may omit the 'action' index to allow access to the entire controller
+ */
+ 'BjyAuthorize\Guard\Controller' => array(
+ array('controller' => 'index', 'action' => 'index', 'roles' => array('guest')),
+ array('controller' => 'zfcuser', 'roles' => array('guest')),
+ array('controller' => 'Application\Controller\Index', 'roles' => array('guest')),
+
+ array('controller' => 'UnicaenApp\Controller\Application:etab', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:apropos', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:contact', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:plan', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:mentions-legales', 'roles' => array('guest')),
+ array('controller' => 'UnicaenApp\Controller\Application:informatique-et-libertes', 'roles' => array('guest')),
+ ),
+ ),
+);
return array(
'zfcuser' => $zfcuserSettings,
+ 'bjyauthorize' => $bjyauthorize,
'unicaen-auth' => $settings,
'service_manager' => array(
'factories' => array(
diff --git a/config/module.unicaen-auth.local.php.dist b/config/module.unicaen-auth.local.php.dist
index a3cc2e9895fdfc5b6cadc873b48310e5da93c13c..5b051a3b6a806be06c48b8ee3c75097fe251a962 100644
--- a/config/module.unicaen-auth.local.php.dist
+++ b/config/module.unicaen-auth.local.php.dist
@@ -15,7 +15,7 @@ $settings = array(
// 'connection' => array(
// 'default' => array(
// 'params' => array(
-// 'hostname' => 'cas.unicaen.fr',
+// 'hostname' => 'host.domain.fr',
// 'port' => 443,
// 'version' => "2.0",
// 'uri' => "",