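I have a custom user provider, following this guide:
http://symfony.com/doc/current/cookbook/security/custom_provider.html
Everything works without errors, but I can't access the restricted area.
In my UserProvider class I set the $roles var to array("ROLE_USER"), which is the permission I need to access the route app/list, but when I go to app/list, Symfony redirects me to log in again.
I have looked at the debug toolbar, and the result is: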
Username anon.
Authenticated? yes
Roles { }
Token class Symfony\Component\Security\Core\Authentication\Token\AnonymousToken
My security.yml file is:
security:
    firewalls:
        secured_area:
            pattern: ^/
            anonymous: ~
            form_login: ~
            http_basic:
                realm: "Secured Demo Area"
            form_login:
                provider: webservice
                login_path: login
                check_path: login_check
                always_use_default_target_path: true
                default_target_path: listado_actas
            logout:
                path: logout
                target: login
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    providers:
        webservice:
            id: webservice_user_provider
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        Actas\Gestion\UserBundle\Security\User\WebServiceUser:
            id: my.encoder.service
My UserProvider class looks like this. I just call an XML service that gives me a TOKEN, which I will store in my user class:
public function loadUserByUsername($username)
{
    $salt = "";
    $roles = "";
    // make a call to your webservice here
    $password = $this->request->get('_password');
    $xml_interface = new XMLInterfaceBundle();
    $token = $xml_interface->requestLogin($username, $password);
    if (strlen($token) > 10) {
        $roles = array("ROLE_USER");
        $salt = "";
        return new WebserviceUser($username, $password, $salt, $roles, $token);
    }
    throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
}
This is my user object in DaoAuthenticationProvider::checkAuthentication():
Actas\Gestion\UserBundle\Security\User\WebserviceUser Object
(
    [username:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] => 44886706X
    [password:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] => 44886706XkCrDP
    [salt:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] =>
    [roles:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] => Array
        (
            [0] => ROLE_ADMIN
        )
    [my_token:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] =>
)
This is my routing.yml:
xml_interface:
    resource: "@XMLInterfaceBundle/Resources/config/routing.yml"
    prefix: /
actas:
    resource: "@ActasBundle/Resources/config/routing.yml"
    prefix: /
login:
    pattern: /login
    defaults: { _controller: UserBundle:Default:login }
login_check:
    pattern: /login_check
logout:
    pattern: /logout
Answer 0 (score: 0)
Try setting role_hierarchy as follows:
security:
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
Don't forget to set the role of the User object to ROLE_ADMIN, for example, to match the role_hierarchy.
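The following is an added example, not code from the answer or from Symfony itself: a plain-PHP sketch of how a role_hierarchy map expands the roles a user object carries, using the hierarchy from the question's security.yml. The function name reachableRoles and the sample role sets are assumptions made for illustration.

```php
<?php
// Added illustration, not Symfony's own code: resolves the roles a user
// effectively holds under the role_hierarchy map shown on this page.

/**
 * @param array<string, string|string[]> $hierarchy role => inherited role(s)
 * @param string[] $assigned roles returned by the user's getRoles()
 * @return string[] assigned roles plus everything they inherit, sorted
 */
function reachableRoles(array $hierarchy, array $assigned): array
{
    $reachable = [];
    $queue = $assigned;
    while ($queue !== []) {
        $role = array_shift($queue);
        if (isset($reachable[$role])) {
            continue; // already expanded; also guards against cycles
        }
        $reachable[$role] = true;
        // A YAML scalar (ROLE_ADMIN: ROLE_USER) and a list are both valid.
        foreach ((array) ($hierarchy[$role] ?? []) as $child) {
            $queue[] = $child;
        }
    }
    $roles = array_keys($reachable);
    sort($roles);
    return $roles;
}

// role_hierarchy as written in the security.yml on this page
$hierarchy = [
    'ROLE_ADMIN'       => 'ROLE_USER',
    'ROLE_SUPER_ADMIN' => ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'],
];

// Constructed inputs: role sets a token might carry.
$cases = [
    'user has ROLE_USER'         => ['ROLE_USER'],
    'user has ROLE_ADMIN'        => ['ROLE_ADMIN'],
    'anonymous token (no roles)' => [],
];

foreach ($cases as $label => $assigned) {
    $effective = reachableRoles($hierarchy, $assigned);
    $granted = in_array('ROLE_USER', $effective, true) ? 'yes' : 'no';
    printf("%-27s => [%s] ROLE_USER: %s\n", $label, implode(', ', $effective), $granted);
}
```

The hierarchy only expands roles that are already on the token, so the empty role set shown in the debug toolbar stays empty whatever role_hierarchy contains.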