我已经在我的应用程序FosUserBundle中安装了Symfony 2.5版本,我可以访问我的网站:MySite / login和logout:MySite / logout,但无论用户是否登录,我都可以访问我的任何页面站点
我如何解决这个问题
security.yml
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
fos_userbundle:
id: fos_user.user_manager
firewalls:
login_firewall:
pattern: ^/login$
anonymous: ~
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
login_path: fos_user_security_login
check_path: fos_user_security_check
default_target_path: /
logout:
path: /logout
target: /login
anonymous: ~
access_control:
- { path: ^/$, roles: ROLE_USER }
答案 0 :(得分:2)
您必须更改您的访问控制,下一步:
access_control:
- { path: ^/login, roles: IS_AUTHENTIFICATED_ANONYMOUSLY }
- { path: ^/*, roles: ROLE_ADMIN }