我在使用UsernamePasswordToken登录Symfony2.4时遇到错误......
我在我的网站上使用他们的网址和用户的哈希来自动登录用户。动作非常简单,我唯一认为(经过一些检查后)是:
$token = new UsernamePasswordToken($user, $user->getPassword(), 'secured_area', $user->getRoles());
$this->get('security.context')->setToken($token);
有了它,在某些情况下它可以工作(当我尝试它总是有效...)但在某些情况下不起作用...这种情况下的日志说:
[2014-10-30 15:47:25] request.INFO: Matched route "_my_route" (parameters: "_controller": "MyController", "url": "my-url", "hash": "2f5fccc7b5fc2d41bbc3e1e469655f24f540e383", "_route": "_my_route") [] []
[2014-10-30 15:47:25] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2014-10-30 15:47:25] security.DEBUG: Write SecurityContext in the session [] []
[2014-10-30 15:47:25] request.CRITICAL: Uncaught PHP Exception RuntimeException: "Failed to start the session because headers have already been sent by "/route/app/bootstrap.php.cache" at line 1365." at /route/app/cache/prod/classes.php line 119 {"exception":"[object] (RuntimeException: Failed to start the session because headers have already been sent by \"/route/app/bootstrap.php.cache\" at line 1365. at /route/app/cache/prod/classes.php:119)"} []
[2014-10-30 15:47:25] security.DEBUG: Write SecurityContext in the session [] []
为什么标题已经发送?为什么只在某些情况下?有人经常知道它何时发生?
我尝试了很多东西:检查之前没有打印过字符,更改security.yml中的防火墙,将会话放入磁盘文件中,...
我认为一切都好。
我的用户实体:
class MyUser implements UserInterface, \Serializable
{
...
/**
* Serializes the user.
*
* The serialized data have to contain the fields used byt the equals method.
*
* @return string
*/
public function serialize()
{
return serialize(array(
$this->id,
$this->password,
$this->email
));
}
/**
* Unserializes the user.
*
* @param string $serialized The serialized string
*
* @return void
*/
public function unserialize($serialized)
{
list(
$this->id,
$this->password,
$this->email
) = unserialize($serialized);
}
...
Security.yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
MyProject\PublicBundle\Entity\MyUser:
algorithm: sha1
iterations: 1
encode_as_base64: false
role_hierarchy:
ROLE_USER: ROLE_PENDING
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
main:
entity: { class: MyProject\PublicBundle\Entity\MyUser, property: email }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secured_area:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
failure_path: /login
username_parameter: email
password_parameter: password
default_target_path: /login-redirect
logout:
path: /logout
target: /
remember_me:
key: "aSecretKey"
lifetime: 321408000
path: /
domain: %domain%
config.yml(第一次出错后添加了会话部分)
framework:
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
templating:
engines: ['twig']
default_locale: "%locale%"
trusted_hosts: ~
trusted_proxies: ~
session:
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/sessions"
fragments: ~
http_method_override: true
答案 0 :(得分:1)
这可能与您尝试将令牌保存到会话的方式有关。
您使用的服务如下:
$token = new UsernamePasswordToken($user, $user->getPassword(), 'secured_area', $user->getRoles());
$this->get('security.context')->setToken($token);
$this->get('session')->set('_security_secured_area',serialize($token));