diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 50c0427..790f410 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -27,10 +27,13 @@ security:
+ + access_control: # - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-# - { path: ^/logout, roles: ROLE_USER }
-# - { path: ^/, roles: ROLE_USER }
+ - { path: ^/logout, roles: ROLE_USER }
+ - { path: ^/index, roles: ROLE_USER }
+ - { path: ^/user, roles: ROLE_ADMIN }
 #when@test:
 # security:
diff --git a/src/Controller/AccesDeniedController.php b/src/Controller/AccesDeniedController.php
new file mode 100644
index 0000000..ba28193
--- /dev/null
+++ b/src/Controller/AccesDeniedController.php
@@ -0,0 +1,18 @@
+render('acces_denied/index.html.twig', [
+ 'controller_name' => 'AccesDeniedController',
+ ]);
+ }
+}
diff --git a/src/Form/AddUserFormType.php b/src/Form/AddUserFormType.php
index c8af47b..a9f8784 100644
--- a/src/Form/AddUserFormType.php
+++ b/src/Form/AddUserFormType.php
@@ -7,6 +7,7 @@ use App\Entity\Tables;
 use App\Entity\Clients;
 use Symfony\Bridge\Doctrine\Form\Type\EntityType;
 use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\Extension\Core\Type\ChoiceType;
 use Symfony\Component\Form\Extension\Core\Type\EmailType;
 use Symfony\Component\Form\Extension\Core\Type\PasswordType;
 use Symfony\Component\Form\Extension\Core\Type\SubmitType;
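Review bot: The rewritten access_control has no catch-all entry, so every path outside `^/logout`, `^/index` and `^/user` is served without authentication unless each controller enforces its own `#[IsGranted]`; the commented `# - { path: ^/, roles: ROLE_USER }` this hunk deletes was that default-deny. Symfony uses only the first matching entry and `path` is an anchored regex prefix, so `^/user` also covers `/users…` and `^/index` covers `/index…`; use a `^/user($|/)` style pattern if that is not intended. I would keep the specific rules first and close the list with `- { path: ^/, roles: ROLE_USER }`, adding `- { path: ^/login, roles: PUBLIC_ACCESS }` and a `PUBLIC_ACCESS` entry for the access-denied route's path (placeholder `^/<acces-denied-path>`) above it so the pages the authenticator redirects to remain reachable. The `+ +` at the top of the hunk is unreadable in this extract, so I cannot tell whether `access_control:` itself is new or context.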
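Review bot: The `'controller_name' => 'AccesDeniedController'` parameter handed to `render()` is not used by the new `acces_denied/index.html.twig` in this same commit, so it is maker scaffolding that can go: `return $this->render('acces_denied/index.html.twig');`. The page is a refusal, so consider serving it with a 403 instead of 200, e.g. `return $this->render('acces_denied/index.html.twig', [], new Response('', Response::HTTP_FORBIDDEN));` with HttpFoundation's `Response` imported. The namespace, route attribute and class header did not survive extraction, so I cannot check the route path; it must not be matched by the ROLE_USER/ROLE_ADMIN access_control entries, because `LoginAuthenticator::start()` redirects unauthenticated users here. The name `AccesDenied` mixes a French word and an English one; if it is to be renamed, this commit is the cheapest point, before the route name and template directory spread further.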
@@ -37,22 +38,16 @@ class AddUserFormType extends AbstractType
 ->add('Nom')
 ->add('Prenom')
- ->add('Roles', TextType::class)
+ ->add('Roles', ChoiceType::class, [
+ 'choices' => [
+ 'Admin' => 'ROLE_ADMIN',
+ 'User' => 'ROLE_USER',
+ ],
+ 'expanded' => true,
+ 'multiple' => true,
+ ])
+ ->add('Enregistrer', SubmitType::class);
-
-
- // Convertir le champ role en tableau
- $builder->get('Roles')->addModelTransformer(new CallbackTransformer(
- function ($rolesAsArray) {
- return implode(', ', $rolesAsArray); // Convertit l'array en string
- },
- function ($rolesAsString) {
- return array_map('trim', explode(',', $rolesAsString)); // Convertit la string en array
- }
- ));
-
- ;
-
 }
 public function configureOptions(OptionsResolver $resolver): void
diff --git a/src/Security/LoginAuthenticator.php b/src/Security/LoginAuthenticator.php
index c16b169..e33c4fd 100644
--- a/src/Security/LoginAuthenticator.php
+++ b/src/Security/LoginAuthenticator.php
@@ -15,6 +15,8 @@ use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordC
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\SecurityRequestAttributes;
 use Symfony\Component\Security\Http\Util\TargetPathTrait;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+
 class LoginAuthenticator extends AbstractLoginFormAuthenticator
 {
@@ -52,6 +54,11 @@ class LoginAuthenticator extends AbstractLoginFormAuthenticator
 return new RedirectResponse($this->urlGenerator->generate('app_index'));
 }
+ public function start(Request $request, ?AuthenticationException $authException = null): RedirectResponse
+ {
+ return new RedirectResponse($this->urlGenerator->generate('app_acces_denied'));
+ }
+
 protected function getLoginUrl(Request $request): string
 {
 return $this->urlGenerator->generate(self::LOGIN_ROUTE);
diff --git a/templates/acces_denied/index.html.twig b/templates/acces_denied/index.html.twig
new file mode 100644
index 0000000..427f483
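Review bot: The `choices` array in this hunk is now the sole definition of which roles an operator may grant, and it offers `ROLE_ADMIN`; the controller that handles the form is outside this diff, so please confirm its route is itself restricted to admins — the new access_control only guarantees that for paths under `^/user`. With `multiple => true` and `expanded => true` an unchecked submission binds `[]`, so whether a saved user still gets ROLE_USER depends on the entity's `getRoles()`; if at least one box is required, add `'constraints' => [new Count(min: 1)]` (Validator `Count`) to the field options. Once the `CallbackTransformer` block is removed, the `CallbackTransformer` and `TextType` imports are unused; the `use` block is only partly visible, so drop them if they are still present. As a style point, the `'Admin' => 'ROLE_ADMIN'` / `'User' => 'ROLE_USER'` pairs would be better sourced from one constant (for instance on the user entity) so the form and `security.yaml` cannot drift apart.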
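Review bot: The `start()` override at the end of the second LoginAuthenticator hunk is the entry point Symfony invokes when an unauthenticated request reaches a URL that access_control protects, so visitors who have simply not logged in are now sent to the "Accès Refusé" page instead of the login form, and the `$authException` describing why is dropped. `AbstractLoginFormAuthenticator::start()` already redirects to `getLoginUrl()`, so removing the override restores the usual flow; if the denied page is intentionally the landing spot for anonymous users, its route must stay outside the ROLE_USER/ROLE_ADMIN access_control rules or the redirect loops. A logged-in ROLE_USER requesting the ROLE_ADMIN-only `^/user` area does not pass through `start()`; as far as I recall Symfony raises `AccessDeniedException` (403) and consults the firewall's `access_denied_url` / `access_denied_handler`, so that case needs its own setting if this page is meant for it. In the first hunk, `Security\Core\Exception\AuthenticationException` is appended after the `Security\Http\…` imports with two blank lines before the class; sort it with the other `Core` imports and keep a single blank line.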
--- /dev/null
+++ b/templates/acces_denied/index.html.twig
@@ -0,0 +1,28 @@
+{% extends 'base.html.twig' %}
+
+{% block title %}Accès Refusé{% endblock %}
+
+{% block body %}
+ + + +
+

Accès Refusé

+

Vous n'avez pas les permissions nécessaires pour accéder à cette page.

+ Ce connecter +
+{% endblock %}
diff --git a/templates/index/index.html.twig b/templates/index/index.html.twig
index 183616f..a82fa1e 100644
--- a/templates/index/index.html.twig
+++ b/templates/index/index.html.twig
@@ -4,17 +4,13 @@
 {% block body %}
-
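Review bot: The link text `Ce connecter` near the end of the body block is a typo for `Se connecter`. The markup around it, including the link's `href`, did not survive extraction, so I can only ask that the target be generated with `{{ path(...) }}` using the route named by `LoginAuthenticator::LOGIN_ROUTE` rather than a hard-coded URL.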
-

Hello {{ controller_name }}! ✅

- - This friendly message is coming from: - -
+ {% if 'ROLE_ADMIN' in app.user.roles %} +

Vous avez accès à toutes les fonctionnalités administratives.

+ {% elseif 'ROLE_USER' in app.user.roles %} +

Vous êtes un utilisateur standard.

+ {% else %} +

Accès limité.

+ {% endif %} {% endblock %}
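Review bot: `'ROLE_ADMIN' in app.user.roles` (and the `ROLE_USER` test on the `elseif` line) reads the raw strings stored on the entity, so it ignores `role_hierarchy` and, when `app.user` is null for an anonymous visitor, throws under Twig's `strict_variables` and otherwise evaluates to false. Use the security helper instead — `{% if is_granted('ROLE_ADMIN') %}` and `{% elseif is_granted('ROLE_USER') %}` — which tolerates a missing user and evaluates roles the same way access_control does. Since `^/index` now requires ROLE_USER, the `{% else %}` "Accès limité." branch is probably unreachable for this page; keep it only if `getRoles()` can return a list without ROLE_USER.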