我使用Symfony 3.3和FOSUserBundle 2.0。我无法使用重置密码功能。我去请求重置页面,键入电子邮件或用户名并单击提交,它将我重定向到登录页面,视图中没有显示任何错误。 我查看了日志,它给了我这个错误:
security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): Access Denied. at .../vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php:125)"} []
Security.yml:
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
{...}
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
default_target_path: /verifInit
logout: true
anonymous: true
switch_user:
role: ROLE_ADMIN
provider: fos_userbundle
parameter: username
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
fos_userbundle:
id: fos_user.user_provider.username
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
当我删除security.yml中的switch_user部分时,它运行良好。你知道为什么吗?我的项目需要switch_user功能,所以我无法删除它。
答案 0 :(得分:0)
switch_user: true
和
security:
role_hierarchy:
ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH]
试试这种方式。