当路由不存在时,生产和开发环境的异常异常

时间:2015-06-03 13:42:40

标签: symfony

我想在有人尝试访问不存在的网络路径时显示404未找到错误。

我一直在生产环境中得到这个例外:

Fatal error: Uncaught exception 'Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException' with message 'The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL.' in /<path>/app/cache/prod/classes.php:4626 Stack trace: #0 /<path>/app/cache/prod/classes.php(4364): Symfony\Component\Security\Core\Authorization\AuthorizationChecker->isGranted('ROLE_USER', NULL) #1 /<path>/vendor/symfony/symfony/src/Symfony/Bridge/Twig/Extension/SecurityExtension.php(41): Symfony\Component\Security\Core\SecurityContext->isGranted('ROLE_USER', NULL) #2 /<path>/app/cache/prod/twig/9e/5d/2e6e87b557efe952c1ff84648c04bdb5d6870549f95d79526f65c94696d2.php(149): Symfony\Bridge\Twig\Extension\SecurityExtension->isGranted('ROLE_USER') #3 /<path>/app/cache/prod/classes.php(6519): __TwigTemplate_9e5d2e6e87b557efe952c1ff84648c04bdb5d6870549f95d79526f65c94696d2->d in /<path>/app/cache/prod/classes.php on line 6530

这很奇怪,因为在开发中我得到了NotFoundHttpException,因此在生产中应该显示404页面。

这是我的安全yml:

security:
encoders:
    FOS\UserBundle\Model\UserInterface: bcrypt

role_hierarchy:
    ROLE_ADMIN:       [ ROLE_USER, ROLE_SONATA_ADMIN ]
    ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_EDITOR ]

providers:
    fos_userbundle:
        id: fos_user.user_provider.username_email

firewalls:
    oauth_token:
        pattern:    ^/oauth/v2/token
        security:   false

    oauth_authorize:
        pattern:    ^/oauth/v2/auth
        form_login:
            provider:       fos_userbundle
            login_path:     fos_user_security_login
            use_forward:    true
            use_referer:    true
            check_path:     fos_user_security_check
            failure_path:   front_homepage
            default_target_path: /
            always_use_default_target_path: false
            failure_handler: app.authentication_handler
        anonymous: true

    api:
        pattern:    ^/v1
        fos_oauth:  true
        stateless:  true
        anonymous:  true # note that anonymous access is now enabled
    main:
        pattern: ^/*
        oauth:
            resource_owners:
                facebook:           "/login/check-facebook"
                google:             "/login/check-google"
            login_path:        fos_user_security_login
            use_forward:    true
            use_referer:    true
            #                failure_path:      /login2
            failure_handler: app.authentication_handler
            provider: fos_userbundle
            oauth_user_provider:
                service: my_user_provider
        form_login:
            provider:       fos_userbundle
            login_path:     fos_user_security_login
            use_forward:    true
            use_referer:    true
            check_path:     fos_user_security_check
            failure_path:   front_homepage
            default_target_path: /
            always_use_default_target_path: false
            failure_handler: app.authentication_handler
        logout:
            path:           fos_user_security_logout
            target:         /
            success_handler: app.authentication_handler
        anonymous: true
        remember_me:
            key:      "%secret%"
            lifetime: 31536000    # 1 year in seconds
            path:     /.*
            domain:   ~
        switch_user: { role: ROLE_ADMIN }
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false
    default:
        anonymous: ~

access_control:
    # Public dev tools
    - { path: ^/_wdt, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/_profiler, role: IS_AUTHENTICATED_ANONYMOUSLY }
    # Public login routes
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    # Private routes
    - { path: ^/admin, role: ROLE_ADMIN }
    - { path: ^/admin/efconnect, role: ROLE_ADMIN }
    - { path: ^/admin/elfinder, role: ROLE_ADMIN }
    - { path: ^/v1, role: IS_AUTHENTICATED_ANONYMOUSLY }
    # Rest of all domain
    - { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }

2 个答案:

答案 0 :(得分:0)

对我而言,这是因为提供者:

providers:
    fos_userbundle:
        id: fos_user.user_provider.username_email

当找不到路由时,不会创建令牌并抛出404异常,因此应该测试令牌的提供程序失败并抛出错误。

答案 1 :(得分:0)

我挖了一下,发现错误实际上是由树枝引发的。

我在404错误页面扩展的布局中使用了is_granted('ROLE_USER')。在检查权限之前,我必须检查用户是否已定义且不是空的。

这与2.1升级更改有关: https://github.com/symfony/symfony/blob/2.8/UPGRADE-2.1.md#security