我更新了security.yaml以使用jwt auth,但是当我进入localhost:1234/xxx/api
时,我仍然被认为是匿名用户。由于conf非常简单,我想知道它是否来自网址中的“ xxx”?我应该在模式中添加它们吗?
在我的apache conf中,我有一个RewriteBase /xxx
在security.yaml中:
main:
stateless: true
anonymous: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
login:
pattern: ^/xxx/login
stateless: true
anonymous: true
json_login:
check_path: /xxx/login_check
username_path: userLogin
password_path: userPass
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
register:
pattern: ^/xxx/register
stateless: true
anonymous: true
api:
pattern: ^/xxx/api
stateless: true
anonymous: false
provider: entity_provider
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/xxx/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/xxx/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/xxx/api, roles: IS_AUTHENTICATED_FULLY }
事实上,我尝试使用模式“ / api”和“ / xxx / api”,在两种情况下我都是匿名的。将“ main”更改为“ anonymous:false”是有效的。