Access denied 403 symfony2

Time: 2016-02-04 12:41:55

Tags: symfony denied

I have a problem with authentication in my webapp. When a user logs in to the application, this error appears:

Access Denied
403 Forbidden - AccessDeniedHttpException
1 linked Exception: AccessDeniedException »

The user has the problem when logging in with the role ROLE_BASIC_INSTALLER. I put it in hierarchy.yml, but it doesn't work. This is my code:

security:
    role_hierarchy:
        ROLE_PROMOTER:                  [ ROLE_USER ]
        ROLE_INSTALLER:                 [ ROLE_USER ]
        ROLE_INSPECTOR_INSTALLER:       [ ROLE_USER ]
        ROLE_INSPECTOR_BASIC_INSTALLER: [ ROLE_USER ]
        ROLE_BASIC_INSTALLER:           [ ROLE_USER ]
        ROLE_PRODUCER:                  [ ROLE_USER ]
        ROLE_INSPECTOR:                 [ ROLE_USER ]
        ROLE_MANAGER:                   [ ROLE_USER, ROLE_INSPECTOR, ROLE_INSTALLER ]
        ROLE_ADMIN:                     [ ROLE_USER, ROLE_MANAGER, ROLE_INSPECTOR, ROLE_INSTALLER, ROLE_PRODUCER ]
        ROLE_SUPER_ADMIN:               [ ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    firewalls:
        secured_area:
            pattern:    ^/
            anonymous: ~
            form_login:
                login_path:  login
                check_path:  login_check
                always_use_default_target_path: true
                default_target_path: /admin/dashboard
            http_basic:
                realm: "Secured Demo Area"
            logout:
                path: /logout
                target: /login
            anonymous:    true

    access_control:
        - { path: ^/admin/dashboard, roles: ROLE_USER }
        - { path: ^/admin/dashboard, roles: ROLE_USER }
        #ROLE_USER }
        - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/logout, roles:  ROLE_USER }
        # - { path: ^/admin, roles: ROLE_ADMIN }

    encoders:
        Agc\ManagerBundle\Entity\User: { algorithm: sha1, encode_as_base64: false, iterations: 1 }
        #Symfony\Component\Security\Core\User\User: { algorithm: sha1, encode_as_base64: false, iterations: 1 }

    providers:
        usuarios:
            entity: { class: Agc\ManagerBundle\Entity\User,  property: username }

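On localhost the application has no problems. It looks like a permission on http, but I'm lost.

1 answer:

Answer 0: (score: 0)

You may need to make sure the user you are logging in as has the ROLE_USER role. By default it is ROLE_ADMIN, so try this in your security.yml file: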

access_control:
    - { path: ^/admin/dashboard, roles: ROLE_ADMIN }
    - { path: ^/admin/dashboard, roles: ROLE_ADMIN }
    - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/logout, roles:  ROLE_ADMIN }
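
The following is an added example, not code from the question, the answer or Symfony itself: a small Python model of how the `role_hierarchy` and the first-match `access_control` rules on this page resolve for a given user. The function names and the simplified grant/deny logic are assumptions made for illustration.

```python
import re

# Role hierarchy copied from the question's security.yml.
ROLE_HIERARCHY = {
    "ROLE_PROMOTER": ["ROLE_USER"],
    "ROLE_INSTALLER": ["ROLE_USER"],
    "ROLE_INSPECTOR_INSTALLER": ["ROLE_USER"],
    "ROLE_INSPECTOR_BASIC_INSTALLER": ["ROLE_USER"],
    "ROLE_BASIC_INSTALLER": ["ROLE_USER"],
    "ROLE_PRODUCER": ["ROLE_USER"],
    "ROLE_INSPECTOR": ["ROLE_USER"],
    "ROLE_MANAGER": ["ROLE_USER", "ROLE_INSPECTOR", "ROLE_INSTALLER"],
    "ROLE_ADMIN": ["ROLE_USER", "ROLE_MANAGER", "ROLE_INSPECTOR",
                   "ROLE_INSTALLER", "ROLE_PRODUCER"],
    "ROLE_SUPER_ADMIN": ["ROLE_ADMIN", "ROLE_ALLOWED_TO_SWITCH"],
}
# access_control as posted in the question (duplicate line included).
RULES_QUESTION = [
    ("^/admin/dashboard", "ROLE_USER"),
    ("^/admin/dashboard", "ROLE_USER"),
    ("^/admin/login", "IS_AUTHENTICATED_ANONYMOUSLY"),
    ("^/admin/logout", "ROLE_USER"),
]
# The answer's rules: the same list with ROLE_USER replaced by ROLE_ADMIN.
RULES_ANSWER = [(p, "ROLE_ADMIN" if r == "ROLE_USER" else r) for p, r in RULES_QUESTION]

def reachable_roles(assigned):
    """Transitive closure of the user's assigned roles over ROLE_HIERARCHY."""
    seen, stack = set(), list(assigned)
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(ROLE_HIERARCHY.get(role, []))
    return seen

def decide(path, assigned, rules):
    """Return 'granted' or 'denied'; only the first rule matching the path applies."""
    for pattern, required in rules:
        if re.search(pattern, path):
            if required == "IS_AUTHENTICATED_ANONYMOUSLY":
                return "granted"  # satisfied by any token, anonymous included
            return "granted" if required in reachable_roles(assigned) else "denied"
    return "granted"  # no rule matched: access_control adds no requirement

if __name__ == "__main__":
    for name, rules in (("question", RULES_QUESTION), ("answer", RULES_ANSWER)):
        print(name, decide("/admin/dashboard", ["ROLE_BASIC_INSTALLER"], rules))
```

In this model a user whose stored role is exactly `ROLE_BASIC_INSTALLER` passes the `ROLE_USER` rule from the question and fails the `ROLE_ADMIN` rule from the answer, so when debugging a 403 here it is worth checking what the user entity's `getRoles()` actually returns.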