我不明白,
抛出新的AccessDeniedException('message')始终重定向到登录页面。
PS:我使用FOSUserBundle,这里是security.yml内容:
security:
encoders:
ANDRY\UserBundle\Entity\User: sha512
role_hierarchy:
# Un admin hérite des droits d'auteur et de modérateur
# ROLE_ADMIN: [ROLE_AUTEUR, ROLE_MODERATEUR]
# On garde ce rôle superadmin, il nous resservira par la suite
# ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
# ROLE_EMPLOYER: ROLE_SEEKER
ROLE_ADMIN: [ROLE_EMPLOYER, ROLE_SEEKER, ROLE_ALLOWED_TO_SWITCH]
providers:
main:
id: fos_user.user_provider.username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
# main_login:
# pattern: ^/%locale%/login$
# anonymous: true
main:
pattern: ^/
anonymous: true
provider: main
form_login:
login_path: fos_user_security_login
check_path: fos_user_security_check
default_target_path: /%locale%
logout:
path: fos_user_security_logout
target: /%locale%
remember_me:
secret: %secret%
access_control:
# - { path: ^/admin, roles: [ROLE_ADMIN, ROLE_SUPER_ADMIN] }
答案 0 :(得分:1)
Symfony的默认行为是将未经身份验证的请求重定向到防火墙配置的登录路由。要更改此设置,您必须创建自己的访问被拒绝处理程序,该处理程序实现AccessDeniedHandlerInterface并配置防火墙以使用它。
class AccessDeniedHandler implements AccessDeniedHandlerInterface
{
public function handle(Request $request, AccessDeniedException $accessDeniedException)
{
// ...
return new Response($content, 403);
}
}
将其配置为服务并修改security.yml中的防火墙配置
firewalls:
default:
...
access_denied_handler: you_access_denied_handler_service
答案 1 :(得分:0)
用户登录后,只需抛出AccessDeniedHttpException而不是AccessDeniedException,您只需要向他们显示访问被拒绝的错误页面即可,而不是被重定向到登录表单。
这是我的代码:
if (!$this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
throw $this->createAccessDeniedException();
} else {
throw new \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException('Access denied');
}
Symfony问题链接:https://github.com/symfony/symfony/issues/16026