我无法从我的symfony项目访问管理页面。
如果我访问XXX.XXX.XXX.XXX/admin,我会:
Full authentication is required to access this resource
然而,转到XXX.XXX.XXX.XXX/security/login会给我一个登录页面。
我做错了什么?
security:
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory:
users:
admin:
password: XXX
roles: 'ROLE_ADMIN'
encoders:
Symfony\Component\Security\Core\User\User:
algorithm: bcrypt
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secured_area:
pattern: ^/admin
anonymous: ~
main:
anonymous: ~
# activate different ways to authenticate
# http_basic: ~
# http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
# form_login: ~
# http://symfony.com/doc/current/cookbook/security/form_login_setup.html
form_login:
login_path: security_login
check_path: security_login
csrf_token_generator: security.csrf.token_manager
default_target_path: userRedirectAction
logout:
path: /logout
target: /blog
access_control:
# require ROLE_ADMIN for /admin*
- { path: ^/admin, roles: ROLE_ADMIN }
答案 0 :(得分:4)
我认为在您的安全区域防火墙下,您需要指定一种身份验证类型,例如http_basic: ~
答案 1 :(得分:0)
安全区域应为:
secured_area:
pattern: ^/blog/admin
现在正在使用
答案 2 :(得分:0)
如果您只想测试它是否有效,您可以更改用户在路径中的角色,删除匿名选项
- { path: ^/admin, roles: IS_AUTHENTICATED_ANONYMOUSLY }
应该可以的