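I have successfully implemented FOSUserBundle as described on the GitHub site. However, I also need my site to use BeSimpleSsoAuthBundle.

The use case is that users can register on the site, but if they have SSO they can still log in (and a user is unknowingly created locally). I have also installed the BeSimpleSsoAuthBundle as described on the GitHub site.

What I would like to do is show the user the login form, take those credentials and run them against the local database, and if they don't match, then check the SSO server. If the SSO server does not have the credentials, I then create the user locally.

My security.yml: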

    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: sha512

        role_hierarchy:
            ROLE_ADMIN: ROLE_USER
            ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

        providers:
            fos_userbundle:
                id: fos_user.user_provider.username

        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false

            main:
                pattern: ^/
                form_login:
                    provider: fos_userbundle
                    csrf_provider: form.csrf_provider
                logout: true
                anonymous: true
                #anonymous: ~
                #http_basic:
                #    realm: "Secured Demo Area"

            my_firewall:
                pattern: ^/admin/.*$
                trusted_sso:
                    manager: admin_sso
                    login_action: BeSimpleSsoAuthBundle:TrustedSso:login
                    logout_action: BeSimpleSsoAuthBundle:TrustedSso:logout
                    create_users: true
                    created_users_roles: [ROLE_USER, ROLE_ADMIN]

        access_control:
            - { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
            #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
            - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/admin/, role: ROLE_ADMIN }

My config.yml:

    imports:
        - { resource: parameters.yml }
        - { resource: security.yml }

    framework:
        #esi: ~
        translator: { fallback: %locale% }
        secret: %secret%
        router:
            resource: "%kernel.root_dir%/config/routing.yml"
            strict_requirements: ~
        form: ~
        csrf_protection: ~
        validation: { enable_annotations: true }
        templating:
            engines: ['twig']
            #assets_version: SomeVersionScheme
        default_locale: "%locale%"
        trusted_proxies: ~
        session: ~
        fragments: ~
        trusted_hosts: ~

    # Twig Configuration
    twig:
        debug: %kernel.debug%
        strict_variables: %kernel.debug%

    # Assetic Configuration
    assetic:
        debug: %kernel.debug%
        use_controller: false
        bundles: [ MainReferralCaptureBundle ]
        #java: /usr/bin/java
        filters:
            cssrewrite: ~
            #closure:
            #    jar: %kernel.root_dir%/Resources/java/compiler.jar
            #yui_css:
            #    jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar

    # Doctrine Configuration
    doctrine:
        dbal:
            driver: %database_driver%
            host: %database_host%
            port: %database_port%
            dbname: %database_name%
            user: %database_user%
            password: %database_password%
            charset: UTF8
            # if using pdo_sqlite as your database driver, add the path in parameters.yml
            # e.g. database_path: %kernel.root_dir%/data/data.db3
            # path: %database_path%
        orm:
            auto_generate_proxy_classes: %kernel.debug%
            auto_mapping: true

    # Swiftmailer Configuration
    swiftmailer:
        transport: %mailer_transport%
        host: %mailer_host%
        username: %mailer_user%
        password: %mailer_password%
        spool: { type: memory }

    fos_user:
        db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
        firewall_name: main
        user_class: Main\ReferralCaptureBundle\Entity\User

    #be_simple_sso_auth: ~
    be_simple_sso_auth:
        admin_sso:
            protocol:
                id: cas
                version: 2
            server:
                id: cas
                login_url: http://cas.server.tld/login
                logout_url: http://cas.server.tld/logout
                validation_url: http://cas.server.tld/serviceValidate

Can someone help me do what I want to do?

Many thanks in advance.