symfony2 API authentication and routing

I followed the instructions for creating a custom authentication provider: http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html

app/config/security:

firewalls:
    wsse_protection:
        pattern: ^/api/.*
        wsse: true
    main:
        pattern: ^/
 开发者_开发知识库       form_login:
            provider: fos_userbundle
        logout:       true
        anonymous:    true

Now I have some Actions in the Controllers with routes. e.g:

ExampleController with listAction

routing:

example_list:
    pattern: /example/list
    defaults: { ... }

Do I have to copy all the routes to example_api_list? Because api/example/list didnt work (no route found for /api/example/list). I thought the pattern from the firewall is a prefix for all defined routes.

The firewall isn't a prefix, it's a regular expression that matches against incoming routes. In this case, anything starting with /api will be matched by your wsse_protection firewall, and everything that falls through will be matched by your main firewall.

To create routes under /api/*, you'll have to define the routing separately.