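I've run into a problem with a fresh Symfony 2.4 install: the security token is not saved after login. I have never had this problem before (although I have never installed Symfony on the production server I'm using now). I've been trying to solve this for 2 days, and I think I've read every article on the internet related to this problem.
I have thoroughly checked:
- Sessions. They work fine. I'm able to set a variable in the session, reload the page, and then read the same variable from the session. I'm using the native memcache session handler with the following configuration: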

    framework:
        session:
            handler_id: session.handler.mc

    services:
        session.memcache:
            class: Memcache
            calls:
                - [addServer, [%session_memcache_host%, %session_memcache_port%]]
        session.handler.mc:
            class: Symfony\Component\HttpFoundation\Session\Storage\Handler\MemcacheSessionHandler
            arguments: [@session.memcache, {prefix: ""}]

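- User entity. Since I'm using FOSUserBundle as the user provider, I extended their user model (I'm using Doctrine), as described in the documentation. Note the role I added in the constructor to make sure my user has this role: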

    <?php
    namespace MB\Emaizing\AppBundle\Entity;

    use FOS\UserBundle\Model\User as BaseUser;
    use Doctrine\ORM\Mapping as ORM;

    /**
     * @ORM\Entity
     * @ORM\Table(name="emaizing_user")
     */
    class EmaizingUser extends BaseUser
    {
        /**
         * @ORM\Id
         * @ORM\Column(type="integer")
         * @ORM\GeneratedValue(strategy="AUTO")
         */
        protected $id;

        public function __construct()
        {
            parent::__construct();
            $this->roles = array('ROLE_USER');
        }
    }

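- Firewall/security settings. I protect the whole site with the firewall 'secured_area', and added the firewall dev so that the Web Profiler toolbar is displayed correctly. I added exceptions for the /login (and /login_check) routes. I also added an exception for another route that should not be protected. Users log in with their e-mail address as the login name.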

    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: sha512
        role_hierarchy:
            ROLE_ADMIN: ROLE_USER
            ROLE_SUPER_ADMIN: ROLE_ADMIN
        providers:
            fos_userbundle:
                id: fos_user.user_provider.username_email
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
                anonymous: ~
            secured_area:
                pattern: ^/
                form_login:
                    provider: fos_userbundle
                    csrf_provider: form.csrf_provider
                    always_use_default_target_path: true
                    default_target_path: /
                logout: true
                anonymous: ~
        access_control:
            - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/lpx, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/, role: ROLE_USER }

- Logs. This is what the log says:
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\RouterListener::onKernelRequest". [] []
[2013-12-11 10:46:46] request.INFO: Matched route "fos_user_security_check" (parameters: "_controller": "FOS\UserBundle\Controller\SecurityController::checkAction", "_route": "fos_user_security_check") [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\LocaleListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\Security\Http\Firewall::onKernelRequest". [] []
[2013-12-11 10:46:46] doctrine.DEBUG: SELECT t0.username AS username1, t0.username_canonical AS username_canonical2, t0.email AS email3, t0.email_canonical AS email_canonical4, t0.enabled AS enabled5, t0.salt AS salt6, t0.password AS password7, t0.last_login AS last_login8, t0.locked AS locked9, t0.expired AS expired10, t0.expires_at AS expires_at11, t0.confirmation_token AS confirmation_token12, t0.password_requested_at AS password_requested_at13, t0.roles AS roles14, t0.credentials_expired AS credentials_expired15, t0.credentials_expire_at AS credentials_expire_at16, t0.id AS id17 FROM emaizing_user t0 WHERE t0.email_canonical = ? LIMIT 1 ["roest@mediablue.nl"] []
[2013-12-11 10:46:46] security.INFO: User "roest@mediablue.nl" has been authenticated successfully [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "security.interactive_login" to listener "FOS\UserBundle\EventListener\LastLoginListener::onSecurityInteractiveLogin". [] []
[2013-12-11 10:46:46] doctrine.DEBUG: "START TRANSACTION" [] []
[2013-12-11 10:46:46] doctrine.DEBUG: UPDATE emaizing_user SET last_login = ? WHERE id = ? ["2013-12-11 10:46:46",5] []
[2013-12-11 10:46:46] doctrine.DEBUG: "COMMIT" [] []
[2013-12-11 10:46:46] event.DEBUG: Listener "Symfony\Component\Security\Http\Firewall::onKernelRequest" stopped propagation of the event "kernel.request". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\Security\Http\Firewall\ContextListener::onKernelResponse". [] []
[2013-12-11 10:46:46] security.DEBUG: Write SecurityContext in the session [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bridge\Monolog\Handler\FirePHPHandler::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bridge\Monolog\Handler\ChromePhpHandler::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ResponseListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\Security\Http\RememberMe\ResponseListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Sensio\Bundle\FrameworkExtraBundle\EventListener\CacheListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bundle\WebProfilerBundle\EventListener\WebDebugToolbarListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\StreamedResponseListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.finish_request" to listener "Symfony\Component\HttpKernel\EventListener\LocaleListener::onKernelFinishRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.finish_request" to listener "Symfony\Component\HttpKernel\EventListener\RouterListener::onKernelFinishRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.finish_request" to listener "Symfony\Component\Security\Http\Firewall::onKernelFinishRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.terminate" to listener "Symfony\Bundle\SwiftmailerBundle\EventListener\EmailSenderListener::onKernelTerminate". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.terminate" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelTerminate". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Bundle\FrameworkBundle\EventListener\SessionListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\FragmentListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\RouterListener::onKernelRequest". [] []
[2013-12-11 10:46:46] request.INFO: Matched route "mb_emaizing_app_homepage" (parameters: "_controller": "MB\Emaizing\AppBundle\Controller\DefaultController::indexAction", "_route": "mb_emaizing_app_homepage") [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\LocaleListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\Security\Http\Firewall::onKernelRequest". [] []
[2013-12-11 10:46:46] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
[2013-12-11 10:46:46] security.DEBUG: Access is denied (user is not fully authenticated) by "/var/www/vhosts/www.emaizing.com/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php" at line 70; redirecting to authentication entry point [] []
[2013-12-11 10:46:46] security.DEBUG: Calling Authentication entry point [] []
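As you can see here, the user is being authenticated correctly. After the redirect, however, no security context is found, so we are assumed to be an anonymous user (the Web Profiler toolbar shows the user as anon).
I tried to find out where it goes wrong by debugging Symfony\Component\Security\Http\Firewall\ContextListener::onKernelResponse():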

    /**
     * Writes the SecurityContext to the session.
     *
     * @param FilterResponseEvent $event A FilterResponseEvent instance
     */
    public function onKernelResponse(FilterResponseEvent $event)
    {
        if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
            return;
        }

        if (!$event->getRequest()->hasSession()) {
            return;
        }

        if (null !== $this->logger) {
            $this->logger->debug('Write SecurityContext in the session');
        }

        $request = $event->getRequest();
        $session = $request->getSession();

        if (null === $session) {
            return;
        }

        if ((null === $token = $this->context->getToken()) || ($token instanceof AnonymousToken)) {
            if ($request->hasPreviousSession()) {
                $session->remove('_security_'.$this->contextKey);
            }
        } else {
            $session->set('_security_'.$this->contextKey, serialize($token));
        }
    }

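When I var_dump the session after the line "$session->set('_security_'.$this->contextKey, serialize($token));" I can see that the security token has been added to the session. But after the redirect to the next page (default_target_path in the firewall) it is not there.
Does anyone know why this is happening?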
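
The symptom in the log excerpt above (a successful login whose token is written to the session, followed by a request that gets an anonymous token) can be picked out of a Monolog file mechanically. The following is an added example, not part of the original post or of Symfony; it assumes the log holds one client's requests in order, and the function names and sample lines (modeled on the excerpt, with a made-up user) are constructed for illustration.

```python
import re

# Monolog layout seen in the excerpt: "[timestamp] channel.LEVEL: message [] []"
LINE_RE = re.compile(r'^\[(?P<ts>[^\]]+)\] (?P<channel>\w+)\.(?P<level>[A-Z]+): (?P<msg>.*)$')
ROUTE_RE = re.compile(r'Matched route "([^"]+)"')
AUTH_OK_RE = re.compile(r'User "([^"]+)" has been authenticated successfully')
WRITE_CTX = 'Write SecurityContext in the session'
ANON = 'Populated SecurityContext with an anonymous Token'

# Constructed sample input (not real log data), shortened from the excerpt's format.
SAMPLE_LOG = '''\
[2013-12-11 10:46:46] request.INFO: Matched route "fos_user_security_check" (parameters: "_route": "fos_user_security_check") [] []
[2013-12-11 10:46:46] security.INFO: User "user@example.test" has been authenticated successfully [] []
[2013-12-11 10:46:46] security.DEBUG: Write SecurityContext in the session [] []
[2013-12-11 10:46:46] request.INFO: Matched route "mb_emaizing_app_homepage" (parameters: "_route": "mb_emaizing_app_homepage") [] []
[2013-12-11 10:46:46] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2013-12-11 10:46:46] security.DEBUG: Calling Authentication entry point [] []
'''.splitlines()

def split_requests(lines):
    """Group log lines into requests; each 'Matched route' line opens a new one."""
    requests = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a Monolog line (blank line, stack trace, ...)
        route = ROUTE_RE.search(m['msg']) if m['channel'] == 'request' else None
        if route:
            requests.append({'route': route.group(1), 'ts': m['ts'], 'msgs': []})
        elif requests:
            requests[-1]['msgs'].append(m['msg'])
    return requests

def find_lost_logins(lines):
    """Return (user, login_route, next_route) for every login whose token was
    written to the session while the very next request was anonymous."""
    findings = []
    reqs = split_requests(lines)
    for cur, nxt in zip(reqs, reqs[1:]):
        user = next((a.group(1) for a in map(AUTH_OK_RE.search, cur['msgs']) if a), None)
        wrote = any(WRITE_CTX in msg for msg in cur['msgs'])
        anon = any(ANON in msg for msg in nxt['msgs'])
        if user and wrote and anon:
            findings.append((user, cur['route'], nxt['route']))
    return findings

if __name__ == '__main__':
    print(find_lost_logins(SAMPLE_LOG))
```

A finding means the token was serialized on the login response but the following request started without it, which directs the investigation at what happens between the two requests (session cookie delivery, session storage) rather than at the credentials check.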
Answer 0: (score: -6)
Set the context variable for the firewall in security.yml.
That should do it...