Php Symfony2 FOSUserBundle not setting the authenticated user in the session?
I have a very basic Symfony2.1 setup with FOSUserBundle installed.

After registering, everything works fine: I am redirected to the target path and the debug bar shows that I am authenticated.

However, when logging in, submitting the form with bad credentials reflects that, but if I log in with the correct credentials I am redirected to the target path and I am still anonymous, so authentication succeeds but is not persisted in the session.

Am I missing something? I have followed the basic configuration almost exactly. I am not sure how to debug this (Symfony1 experience, new to Symfony2).

FOSUserBundle's InteractiveLoginListener onSecurityInteractiveLogin is being hit and correctly updates the user's last login date. I am not sure at what point this would be bound to security.context (if at all), or where to look.

Am I meant to register my own listener, or is something not working? Searching the whole bundle for security.context seems to show it only being set for registration and resetting.

php, symfony-2.1, fosuserbundle
security.yml
Logs
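A stab in the dark, but does your User class's getRoles() method return a ROLE_USER in every case? If this method returns nothing, the user is treated as anonymous and therefore not authenticated.

Another stab in the dark: it seems you are being redirected to the sonata_admin_dashboard route, which resolves to the /admin/dashboard URL. According to your security.yml, it looks like the user needs the ROLE_ADMIN or ROLE_SONATA_ADMIN role to access that page.

It turns out the answer was simply to clear the browser's cookies; for some reason I had 2 PHPSESSID cookies set.. no idea how that is possible.

My assumption is that this was caused by fiddling with this, possibly because I had 2 firewalls, which I later stripped down to 1.

Symfony seemed to be cycling through the PHPSESSID cookies, changing on every page visited, so any authentication happened on one session that did not persist to the next, which gave me the problem I described.

Is there any legitimate reason there would be 2 cookies?.. Surely it is not possible to set two cookies with the same name? I did not investigate properly before clearing them; I guess they must have had different paths or something?.. But they seemed to be present on every request.

A stab is better than nothing! Sadly, it returns array('ROLE_USER'); I am using SonataUserBundle's User entity.

Another good guess, but I tried assigning both of those roles. Also, the problem happens on both the frontend and the backend. My guess is that if this were the problem, the user would get an access denied error rather than nothing.

What is your login page, /login or /admin/login?

I have both; one is the Sonata admin login and the other is the basic login that I think ships with FOSUser? Both behave the same.

Actually no. Each firewall behaves differently. For each firewall context, the security token is stored under a different session key. To access the admin pages you have to log in through the admin firewall's login_path, e.g. admin/login.

I see, good to know, but still, neither login persists to the session; it always says anon.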
security:
    acl:
        connection: default
    providers:
        fos_userbundle:
            id: fos_user.user_manager
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    role_hierarchy:
        ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN]
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
        # SONATA:
        #     - ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are using acl then this line must be commented
    firewalls:
        # -> custom firewall for the admin area of the URL
        admin:
            switch_user: true
            context: user
            pattern: /admin(.*)
            form_login:
                provider: fos_userbundle
                login_path: /admin/login
                use_forward: false
                check_path: /admin/login_check
                # login success redirecting options (read further below)
                always_use_default_target_path: false
                default_target_path: /admin/dashboard
                target_path_parameter: _target_path
                use_referer: false
                failure_path: null
                # note: use_referer appears twice in this form_login block
                use_referer: true
            logout:
                path: /admin/logout
                target: /admin/login
            anonymous: true
        # -> end custom configuration
        # default login area for standard users
        main:
            switch_user: true
            context: user
            pattern: .*
            form_login:
                provider: fos_userbundle
                # the user is redirected here when he/she needs to login
                login_path: /login
                # if true, forward the user to the login form instead of redirecting
                use_forward: false
                # submit the login form here
                check_path: /login_check
                # login success redirecting options (read further below)
                always_use_default_target_path: false
                default_target_path: /
                target_path_parameter: _target_path
                use_referer: false
                # login failure redirecting options (read further below)
                failure_path: null
                failure_forward: false
                # csrf token options
                csrf_parameter: _csrf_token
                intention: authenticate
            logout: true
            anonymous: true
        # -> end default configuration
    access_control:
        # URL of FOSUserBundle which need to be available to anonymous users
        - { path: ^/_wdt, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/_profiler, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        # -> custom access control for the admin area of the URL
        - { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        # note: the admin check_path above is /admin/login_check (underscore); this pattern uses a hyphen
        - { path: ^/admin/login-check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        # -> end
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        # Secured part of the site
        # This config requires being logged for the whole site and having the admin role for the admin part.
        # Change these rules to adapt them to your needs
        - { path: ^/admin, role: [ROLE_ADMIN, ROLE_SONATA_ADMIN] }
        - { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
jms_security_extra:
    secure_all_services: false
    expressions: true
[2012-07-05 15:12:50] security.INFO: User "steve" has been authenticated successfully [] []
[2012-07-05 15:12:50] event.DEBUG: Notified event "security.interactive_login" to listener "FOS\UserBundle\Security\InteractiveLoginListener::onSecurityInteractiveLogin". [] []
[2012-07-05 15:12:50] doctrine.DEBUG: UPDATE fos_user_user SET last_login = ?, updated_at = ? WHERE id = ? ([{"date":"2012-07-05 16:12:50","timezone_type":3,"timezone":"Europe\/London"},{"date":"2012-07-05 16:12:50","timezone_type":3,"timezone":"Europe\/London"},1]) [] []
[2012-07-05 15:12:50] event.DEBUG: Listener "Symfony\Component\Security\Http\Firewall::onKernelRequest" stopped propagation of the event "kernel.request". [] []
[2012-07-05 15:12:50] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\Security\Http\Firewall\ContextListener::onKernelResponse". [] []
[2012-07-05 15:12:50] security.DEBUG: Write SecurityContext in the session [] []
[2012-07-05 15:12:50] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bridge\Monolog\Handler\FirePHPHandler::onKernelResponse". [] []
[2012-07-05 15:12:50] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bundle\SecurityBundle\EventListener\ResponseListener::onKernelResponse". [] []
[2012-07-05 15:12:50] event.DEBUG: Notified event "kernel.response" to listener "Sensio\Bundle\FrameworkExtraBundle\EventListener\CacheListener::onKernelResponse". [] []
[2012-07-05 15:12:50] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ResponseListener::onKernelResponse". [] []
[2012-07-05 15:12:50] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelResponse". [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bundle\WebProfilerBundle\EventListener\WebDebugToolbarListener::onKernelResponse". [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\StreamedResponseListener::onKernelResponse". [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.terminate" to listener "Symfony\Bundle\SwiftmailerBundle\EventListener\EmailSenderListener::onKernelTerminate". [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelRequest". [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Bundle\FrameworkBundle\EventListener\SessionListener::onKernelRequest". [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\RouterListener::onKernelRequest". [] []
[2012-07-05 15:12:51] request.INFO: Matched route "sonata_admin_dashboard" (parameters: "_controller": "Sonata\AdminBundle\Controller\CoreController::dashboardAction", "_route": "sonata_admin_dashboard") [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\LocaleListener::onKernelRequest". [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\Security\Http\Firewall::onKernelRequest". [] []
[2012-07-05 15:12:51] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2012-07-05 15:12:51] event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
[2012-07-05 15:12:51] security.DEBUG: Access is denied (user is not fully authenticated) by "/var/www/motoratings/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php" at line 70; redirecting to authentication entry point [] []
[2012-07-05 15:12:51] security.DEBUG: Calling Authentication entry point [] []
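
A diagnostic for the duplicate PHPSESSID situation that the thread identifies as the cause, where the log shows the SecurityContext written to the session and the next request populated with an anonymous token. This is an added example, not part of the original thread: it parses the raw Cookie request header and reports any cookie name sent more than once. The function name findDuplicateCookies and the sample header are constructed for illustration; PHP 7.1 or later is assumed.

```php
<?php
// Added example: detect a cookie name that the browser sends more than once.
// The header value used below is constructed sample input.

/**
 * Parse a raw Cookie request header and return every name that occurs
 * more than once, mapped to its values in the order they were sent.
 */
function findDuplicateCookies(string $cookieHeader): array
{
    $seen = [];
    foreach (explode(';', $cookieHeader) as $pair) {
        $pair = trim($pair);
        if ($pair === '' || strpos($pair, '=') === false) {
            continue; // skip empty or malformed segments
        }
        [$name, $value] = explode('=', $pair, 2);
        $seen[trim($name)][] = trim($value);
    }

    // Keep only the names that were sent more than once.
    return array_filter($seen, function (array $values): bool {
        return count($values) > 1;
    });
}

// Constructed sample: two PHPSESSID cookies stored by the browser (for
// example under different paths) are both sent with one request. The
// Cookie header carries names and values only, no path or domain.
$header = 'PHPSESSID=aaaa1111; hl=en; PHPSESSID=bbbb2222';

foreach (findDuplicateCookies($header) as $name => $values) {
    printf(
        "cookie \"%s\" sent %d times: %s\n",
        $name,
        count($values),
        implode(', ', $values)
    );
}

// In a live request, pass $_SERVER['HTTP_COOKIE'] ?? '' instead of $header.
// $_COOKIE keeps only one value per name, so it cannot reveal the duplicate.
```

Run against the constructed header, this reports PHPSESSID as sent twice with both values; a clean browser profile should produce no output.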