我在最近的symfony2中遇到了最简单的授权问题,
我的security.yml:
安全性: 编码器: Symfony \ Component \ Security \ Core \ User \ User:plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
# pattern: ^/demo/secured/login$
pattern: /login
security: false
secured_area:
pattern: ^/admin
form_login:
check_path: check
login_path: login
logout:
path: /logout
target: /index
#anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
access_control:
- { path: ^/admin/, roles: ROLE_ADMIN }
和DefaultControler.php的一部分
public function loginAction() {
$request = $this->getRequest();
$session = $request->getSession();
if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
}
return $this->render('JimmyTestBundle:Default:login.html.twig', array(
// last username entered by the user
'last_username' => $session->get(SecurityContext::LAST_USERNAME),
'error' => $error,
));
}
public function checkAction()
{
}
我从symfony网站上读一本烹饪书,checkAction应该被防火墙层解释,但是当我尝试登录时,可能不是这样的事情。
控制器必须返回响应(给定null)。您是否忘记在控制器中的某处添加return语句? 500内部服务器错误 - LogicException
我的login.html.twig也几乎是从教程中复制和粘贴的。有什么建议?
答案 0 :(得分:0)
您的“secured_area”防火墙缺少安全提供程序来实际捕获发送到check_path的请求。提供商在security.providers下配置如下:
providers:
your_provider_name: name_of_provider_service
现在......您只有一个名为“in_memory”的提供程序,它是symfony提供的特殊提供程序。
将其添加到“secured_area”防火墙,以便用于验证发布到check_path路由的凭据。
firewalls:
secured_area:
pattern: ^/admin
provider: in_memory
...并从配置中删除不必要的“登录”防火墙
login:
# pattern: ^/demo/secured/login$
pattern: /login
security: false
答案 1 :(得分:0)
不要忘记在routing.yml中提及您的控制器,在您的情况下类似
_demo_secured:
resource: "@JimmyTestBundle/DefaultController.php"
type: annotation