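I have just installed FOSUserBundle for Symfony2 with the ORM and MySQL, but I cannot get the registration page to be available to anonymous users.
If I go to
it shows the login form, but if I go to:
http://myapp.localhost/register
it redirects me back to the login form.
If I log in on the login screen and then navigate to the register screen, that is when the registration form is displayed.
Looking at the logs, this is what I get: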
request.INFO: Matched route "fos_user_registration_register"
(parameters: "_controller":
"Symfony\Bundle\FrameworkBundle\Controller\RedirectController::urlRedirectAction",
"path": "/register/",
"permanent": "true",
"scheme": "null",
"httpPort": "80",
"httpsPort": "443", "_route": "fos_user_registration_register") [] []
request.INFO: Matched route "fos_user_registration_register"
(parameters: "_controller":
"FOS\UserBundle\Controller\RegistrationController::registerAction",
"_route": "fos_user_registration_register") [] []
security.INFO: Populated SecurityContext with an anonymous Token [] []
[2013-08-12 13:48:37] event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
[2013-08-12 13:48:37] security.DEBUG: Access is denied (user is not fully authenticated) by "/usr/share/www/etsytracker/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php" at line 73; redirecting to authentication entry point [] []
So it seems I get an anonymous token, but Symfony says I am not fully authenticated and kicks me to the login page.
Here is my security.yml file:
security:
    acl:
        connection: default
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout: true
            anonymous: true
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
    access_control:
        - { path: ^/register$, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
        - { path: ^/login$, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
        - { path: ^/resetting$, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
        - { path: ^/, roles: 'ROLE_USER' }
        - { path: ^/admin, roles: 'ROLE_ADMIN' }
And my config.yml for FOSBundle:
fos_user:
    db_driver: orm
    firewall_name: main
    user_class: TestBundle\MyTestBundle\Entity\Users
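Answer 0 (score: 1)
As m0c pointed out.
In my config.yml file, I had it set so that only authenticated users could access the ^/ path, and I had only whitelisted the ^login$ path, not the ^/register$ path.
Removing the role for the ^/ path solved the problem.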
Answer 1 (score: 1)
Just create another rule for the secured area.
For example:
access_control:
    - { path: ^/register$, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/login$, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/resetting$, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/dashboard, roles: 'ROLE_USER' }
    - { path: ^/.*, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/admin, roles: 'ROLE_ADMIN' }
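
Added example (not part of the question or of either answer): Symfony applies only the first access_control entry whose path pattern matches the request, so rule order decides the outcome. This Python sketch replays the two rule lists from this page against probe paths, using Python's re as a stand-in for Symfony's regex matching; /register/ is the redirect target from the log above, and /admin/users is a constructed sample path.

```python
import re

ANON = "IS_AUTHENTICATED_ANONYMOUSLY"

# (path regex, required role) in file order, copied from the question's security.yml.
QUESTION_RULES = [
    (r"^/register$", ANON), (r"^/login$", ANON), (r"^/resetting$", ANON),
    (r"^/", "ROLE_USER"), (r"^/admin", "ROLE_ADMIN"),
]
# Rule list copied from Answer 1.
ANSWER1_RULES = [
    (r"^/register$", ANON), (r"^/login$", ANON), (r"^/resetting$", ANON),
    (r"^/dashboard", "ROLE_USER"), (r"^/.*", ANON), (r"^/admin", "ROLE_ADMIN"),
]
# Probe paths: /register/ comes from the log on this page, the rest are constructed.
PROBES = ["/register", "/register/", "/login", "/resetting",
          "/dashboard", "/admin", "/admin/users"]


def first_match(rules, path):
    """Return (index, pattern, role) of the first rule matching path, else None."""
    for i, (pattern, role) in enumerate(rules):
        if re.search(pattern, path):
            return i, pattern, role
    return None


def shadowed(rules, probes):
    """Rules that match some probe but are never the first match for any of them."""
    dead = []
    for i, (pattern, role) in enumerate(rules):
        hits = [p for p in probes if re.search(pattern, p)]
        if hits and all(first_match(rules, p)[0] != i for p in hits):
            dead.append((pattern, role))
    return dead


if __name__ == "__main__":
    for name, rules in (("question", QUESTION_RULES), ("answer 1", ANSWER1_RULES)):
        print(name)
        for path in PROBES:
            _, pattern, role = first_match(rules, path)
            print(f"  {path:14} -> {pattern:14} requires {role}")
        print("  never applied:", shadowed(rules, PROBES))
```

In both lists the ^/admin entry is never applied: in the question it sits behind ^/, and in Answer 1 it sits behind ^/.*, which admits anonymous requests, so the more specific admin rule has to come before the catch-all to take effect.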