我正在尝试为名为/secret
的Symfony 2应用程序的一部分设置基本HTTP browser-based authentication。
我希望/secret
页面可以公开访问,但/secret
下方的任何页面(例如/secret/landing
)都将位于SF2防火墙后面。
当我转到/secret
(或其任何子页面)时,我会被重定向到我的应用程序/login
页面而我无法理解为什么?
security:
providers:
sylius_user_provider:
id: sylius.user_provider.name_or_email
in_memory:
memory:
users:
secret:
password: secret
roles: 'ROLE_SECRET'
encoders:
Symfony\Component\Security\Core\User\User: plaintext
firewalls:
main:
switch_user: { role: ROLE_ADMINISTRATION_ACCESS }
context: user
pattern: /.*
form_login:
provider: sylius_user_provider
login_path: /login
check_path: /login_check
failure_path: /login
default_target_path: /
use_forward: false
use_referer: true
remember_me:
key: %sylius.secret%
name: APP_REMEMBER_ME
lifetime: 31536000
always_remember_me: true
remember_me_parameter: _remember_me
oauth:
resource_owners:
facebook: "/login/check-facebook"
google: "/login/check-google"
amazon: "/login/check-amazon"
login_path: /login
failure_path: /login
oauth_user_provider:
service: sylius.oauth.user_provider
logout: true
anonymous: true
secret:
pattern: ^/secret/.*
http_basic: ~
provider: in_memory
context: secret
access_control:
- { path: ^/secret/.*, roles: ROLE_SECRET }
答案 0 :(得分:2)
尝试添加访问控制
- { path: ^/secret, roles: IS_AUTHENTICATED_ANONYMOUSLY}
答案 1 :(得分:0)
如果它将来帮助某人,这就是我在security.yml
中所做的:
firewalls:
secret:
pattern: ^/secret/$
anonymous: true
secret_secured:
pattern: ^/secret/.*$
http_basic: ~
provider: in_memory
context: secret
access_control:
- { path: ^/secret, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/secret/.*, roles: ROLE_SECRET }