我想在有人尝试访问不存在的网络路径时显示404未找到错误。
我一直在生产环境中得到这个例外:
Fatal error: Uncaught exception 'Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException' with message 'The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL.' in /<path>/app/cache/prod/classes.php:4626 Stack trace: #0 /<path>/app/cache/prod/classes.php(4364): Symfony\Component\Security\Core\Authorization\AuthorizationChecker->isGranted('ROLE_USER', NULL) #1 /<path>/vendor/symfony/symfony/src/Symfony/Bridge/Twig/Extension/SecurityExtension.php(41): Symfony\Component\Security\Core\SecurityContext->isGranted('ROLE_USER', NULL) #2 /<path>/app/cache/prod/twig/9e/5d/2e6e87b557efe952c1ff84648c04bdb5d6870549f95d79526f65c94696d2.php(149): Symfony\Bridge\Twig\Extension\SecurityExtension->isGranted('ROLE_USER') #3 /<path>/app/cache/prod/classes.php(6519): __TwigTemplate_9e5d2e6e87b557efe952c1ff84648c04bdb5d6870549f95d79526f65c94696d2->d in /<path>/app/cache/prod/classes.php on line 6530
这很奇怪,因为在开发中我得到了NotFoundHttpException,因此在生产中应该显示404页面。
这是我的安全yml:
security:
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
role_hierarchy:
ROLE_ADMIN: [ ROLE_USER, ROLE_SONATA_ADMIN ]
ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_EDITOR ]
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
oauth_token:
pattern: ^/oauth/v2/token
security: false
oauth_authorize:
pattern: ^/oauth/v2/auth
form_login:
provider: fos_userbundle
login_path: fos_user_security_login
use_forward: true
use_referer: true
check_path: fos_user_security_check
failure_path: front_homepage
default_target_path: /
always_use_default_target_path: false
failure_handler: app.authentication_handler
anonymous: true
api:
pattern: ^/v1
fos_oauth: true
stateless: true
anonymous: true # note that anonymous access is now enabled
main:
pattern: ^/*
oauth:
resource_owners:
facebook: "/login/check-facebook"
google: "/login/check-google"
login_path: fos_user_security_login
use_forward: true
use_referer: true
# failure_path: /login2
failure_handler: app.authentication_handler
provider: fos_userbundle
oauth_user_provider:
service: my_user_provider
form_login:
provider: fos_userbundle
login_path: fos_user_security_login
use_forward: true
use_referer: true
check_path: fos_user_security_check
failure_path: front_homepage
default_target_path: /
always_use_default_target_path: false
failure_handler: app.authentication_handler
logout:
path: fos_user_security_logout
target: /
success_handler: app.authentication_handler
anonymous: true
remember_me:
key: "%secret%"
lifetime: 31536000 # 1 year in seconds
path: /.*
domain: ~
switch_user: { role: ROLE_ADMIN }
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
default:
anonymous: ~
access_control:
# Public dev tools
- { path: ^/_wdt, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/_profiler, role: IS_AUTHENTICATED_ANONYMOUSLY }
# Public login routes
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
# Private routes
- { path: ^/admin, role: ROLE_ADMIN }
- { path: ^/admin/efconnect, role: ROLE_ADMIN }
- { path: ^/admin/elfinder, role: ROLE_ADMIN }
- { path: ^/v1, role: IS_AUTHENTICATED_ANONYMOUSLY }
# Rest of all domain
- { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
答案 0 :(得分:0)
对我而言,这是因为提供者:
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
当找不到路由时,不会创建令牌并抛出404异常,因此应该测试令牌的提供程序失败并抛出错误。
答案 1 :(得分:0)
我挖了一下,发现错误实际上是由树枝引发的。
我在404错误页面扩展的布局中使用了is_granted('ROLE_USER')。在检查权限之前,我必须检查用户是否已定义且不是空的。
这与2.1升级更改有关: https://github.com/symfony/symfony/blob/2.8/UPGRADE-2.1.md#security