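I am no stranger to Symfony, but I have always used FOSUserBundle, which by default prevents one from using 2 different login forms to authenticate two different user types.
I have two entities, one is Admins and the other is Users. Admins can only log in through the admin area, and likewise users can only log in through the front end.
I have followed: http://symfony.com/doc/2.1/book/security.html which also led me to http://symfony.com/doc/2.1/cookbook/security/entity_provider.html
My security.yml is: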
jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    encoders:
        Symfony\Component\Security\Core\User\User: sha512
        Fm\AdminBundle\Entity\Admins: sha512
        Fm\MainBundle\Entity\Users: sha512
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
        chain_provider:
            chain:
                providers: [in_memory, admin]
        in_memory:
            memory:
                users:
                    user: { password: userpass, roles: [ 'ROLE_USER' ] }
                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
        admin:
            entity: { class: Fm\AdminBundle\Entity\Admins, property: username }
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
            anonymous: true
        alogin:
            pattern: ^/admin/login
            security: false
        login:
            pattern: ^/login
            security: false
        secured_area:
            pattern: ^/admin
            anonymous: false
            provider: chain_provider
            switch_user: true
            form_login:
                check_path: /admin/login_check
                login_path: /admin/login
            logout:
                path: /admin/logout
                target: /admin
        members_area:
            pattern: ^/
            anonymous: false
            form_login: ~
            logout:
                path: /logout
                target: /
            #anonymous: ~
            #http_basic:
            #    realm: "Secured Demo Area"
    access_control:
        - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, roles: ROLE_ADMIN }
In my routes, I have defined the routes as in the docs: (they default to /admin/login and /admin/login_check, because my main routing include sets the /admin prefix)
_admin_login:
    pattern: /login
    defaults: { _controller: FmAdminBundle:Security:login }

_admin_login_check:
    pattern: /login_check
The error I get in the browser is:
Unable to find the controller for path "/admin/login_check". Maybe you forgot to add the matching route in your routing configuration?
The stack trace tells me: WARNING - Unable to look for the controller as the "_controller" parameter is missing
AND
ERROR - Symfony\Component\HttpKernel\Exception\NotFoundHttpException: Unable to find the controller for path "/admin/login_check". Maybe you forgot to add the matching route in your routing configuration? (uncaught exception) at /var/www/mysite.dev/symfony/app/bootstrap.php.cache line 1419
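An added example, not part of the original question or answers: Symfony hands a request to the first firewall whose pattern matches, and the patterns are regular expressions, so the question's `alogin` and `login` firewalls (`security: false`) also match both login_check paths and the form_login listeners never see them. The PHP sketch below replays that lookup over the question's firewall list; the function names are hypothetical, and `/login_check` is assumed as the default check_path for `form_login: ~`.

```php
<?php
// Ordered firewall map copied from the question's security.yml (only the keys needed here).
// '/login_check' for members_area is an assumption: the default check_path of form_login.
$firewalls = [
    'dev'          => ['pattern' => '^/(_(profiler|wdt)|css|images|js)/', 'security' => false],
    'alogin'       => ['pattern' => '^/admin/login', 'security' => false],
    'login'        => ['pattern' => '^/login', 'security' => false],
    'secured_area' => ['pattern' => '^/admin', 'check_path' => '/admin/login_check'],
    'members_area' => ['pattern' => '^/', 'check_path' => '/login_check'],
];

/** Return the name of the first firewall whose pattern matches $path, or null. */
function matchFirewall(array $firewalls, string $path): ?string
{
    foreach ($firewalls as $name => $fw) {
        // The pattern is a regex, not a literal path: '^/admin/login' has no '$',
        // so it also matches '/admin/login_check' and anything else with that prefix.
        if (preg_match('{' . $fw['pattern'] . '}', rawurldecode($path))) {
            return $name;
        }
    }
    return null;
}

/** List check_paths that an earlier firewall captures before their own firewall sees them. */
function shadowedCheckPaths(array $firewalls): array
{
    $findings = [];
    foreach ($firewalls as $name => $fw) {
        if (!isset($fw['check_path'])) {
            continue; // firewall has no form_login to shadow
        }
        $winner = matchFirewall($firewalls, $fw['check_path']);
        if ($winner !== $name) {
            $findings[$name] = ['check_path' => $fw['check_path'], 'captured_by' => $winner];
        }
    }
    return $findings;
}

// A security:false firewall registers no listeners, so the request falls through to the
// router, which finds the login_check route without a _controller (the error above).
foreach (shadowedCheckPaths($firewalls) as $name => $f) {
    printf("%s: %s is captured by firewall '%s'; its form_login never handles it\n",
        $name, $f['check_path'], $f['captured_by']);
}
```

Both `secured_area` and `members_area` are reported. Anchoring the login patterns (for example `^/admin/login$`), or dropping the `security: false` login firewalls in favour of anonymous access plus access_control rules, removes both findings.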
Answer 0: (score: 10)
To implement multiple logins in Symfony 2XX, try the following code
security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        Company\AngularBundle\Entity\User: plaintext
        Company\AngularBundle\Entity\Admin: plaintext
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
        users:
            entity: { class: CompanyAngularBundle:User, property: username }
        admin:
            entity: { class: CompanyAngularBundle:Admin, property: username }
    firewalls:
        admin_secured_area:
            pattern: ^/admin
            anonymous: ~
            provider: admin
            form_login:
                login_path: /admin/login
                check_path: /admin/login_check
                default_target_path: /admin
        user_secured_area:
            pattern: ^/
            anonymous: ~
            provider: users
            form_login:
                login_path: login
                check_path: login_check
                default_target_path: /home

login_check:
    path: /login_check

admin_login_check:
    path: /admin/login_check
The action of the login form should be like this:
<form action="{{ path('login_check') }}" method="post">
The action of the admin/login form should be like this:
<form action="{{ path('admin_login_check') }}" method="post">
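Answer 1: (score: 0)
The problem is that after logging in to the "secured_area" firewall, you are redirected to "/", which is behind the "members_area" firewall. You cannot access "members_area" with your credentials from "secured_area" (at least not by default). Read the details at http://symfony.com/doc/current/reference/configuration/security.html#reference-security-firewall-context.
If you look at the security configuration (http://symfony.com/doc/current/reference/configuration/security.html), you will see that the default_target_path for form_login is "/". Just change it to /admin: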
security:
    ...
    firewalls:
        ...
        secured_area:
            pattern: ^/admin
            ...
            form_login:
                check_path: /admin/login_check
                login_path: /admin/login
                default_target_path: /admin
            logout:
                ...
Another approach is to share the context, as described in the first link (http://symfony.com/doc/current/reference/configuration/security.html#reference-security-firewall-context).