Use routes for security paths, instead of raw paths

wouterj · wouterj · commit ba3eb8d3afd4 · 2013-01-16T16:37:17.000+01:00
diff --git a/book/security.rst b/book/security.rst
@@ -296,8 +296,8 @@ First, enable form login under your firewall:
                     pattern:    ^/
                     anonymous: ~
                     form_login:
-                        login_path:  /login
-                        check_path:  /login_check
+                        login_path:  login
+                        check_path:  login_check
 
     .. code-block:: xml
 
@@ -355,10 +355,11 @@ First, enable form login under your firewall:
             'form_login' => array(),
 
 Now, when the security system initiates the authentication process, it will
-redirect the user to the login form (``/login`` by default). Implementing
-this login form visually is your job. First, create two routes: one that
-will display the login form (i.e. ``/login``) and one that will handle the
-login form submission (i.e. ``/login_check``):
+redirect the user to the login form (``/login`` by default). Implementing this
+login form visually is your job. First, the create two routes we used in the
+security configuration: the ``login`` route will display the login form (i.e.
+``/login``) and the ``login_check`` route will handle the login form
+submission (i.e.  ``/login_check``):
 
 .. configuration-block::
 
diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
@@ -218,16 +218,16 @@ The Login Form and Process
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 *   ``login_path`` (type: ``string``, default: ``/login``)
-    This is the URL that the user will be redirected to (unless ``use_forward``
+    This is the path that the user will be redirected to (unless ``use_forward``
     is set to ``true``) when he/she tries to access a protected resource
     but isn't fully authenticated.
 
-    This URL **must** be accessible by a normal, un-authenticated user, else
+    This path **must** be accessible by a normal, un-authenticated user, else
     you may create a redirect loop. For details, see
     ":ref:`Avoid Common Pitfalls<book-security-common-pitfalls>`".
 
 *   ``check_path`` (type: ``string``, default: ``/login_check``)
-    This is the URL that your login form must submit to. The firewall will
+    This is the path that your login form must submit to. The firewall will
     intercept any requests (``POST`` requests only, by default) to this URL
     and process the submitted login credentials.
 
