Security 安全和路线-Symfony2
我希望我的项目的索引页是一个登录表单,下面有注册链接,未登录的访问者应该只能看到带有路径Security 安全和路线-Symfony2,security,symfony,routing,Security,Symfony,Routing,我希望我的项目的索引页是一个登录表单,下面有注册链接,未登录的访问者应该只能看到带有路径/的登录表单和带有路径/register的注册页面。当日志被删除时,我希望它们被重定向到带有路径/home的主页。我尝试了一些东西,它在开发环境中工作(尽管工具栏有一些问题),但当我切换到prod env时,浏览器会显示:“页面没有正确重定向。Firefox检测到服务器正在以一种永远无法完成的方式重定向对此地址的请求。此问题有时可能是由于禁用或拒绝接受Cookie造成的。” 这是我的档案: security.
//register/homesecurity:
encoders:
EM\MyFriendsBundle\Entity\User:
algorithm: sha1
encode_as_base64: false
iterations: 1
role_hierarchy:
ROLE_ADMIN: ROLE_USER
providers:
administrators:
entity: { class: EMMyFriendsBundle:User }
firewalls:
secured_area:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
default_target_path: /home
access_control:
- { path: ^/home, roles: ROLE_ADMIN }
login_display:
pattern: /
defaults: { _controller: EMMyFriendsBundle:Welcome:display }
login:
pattern: /login
defaults: { _controller: EMMyFriendsBundle:Welcome:login}
login_check:
pattern: /login_check
register:
pattern: /register
defaults: { _controller: EMMyFriendsBundle:Welcome:register }
home_display:
pattern: /home
defaults: { _controller: EMMyFriendsBundle:Home:display }
security:
encoders:
EM\MyFriendsBundle\Entity\User:
algorithm: sha1
encode_as_base64: false
iterations: 1
role_hierarchy:
ROLE_ADMIN: ROLE_USER
providers:
administrators:
entity: { class: EMMyFriendsBundle:User }
firewalls:
secured_area:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
default_target_path: /home
access_control:
- { path: ^/home, roles: ROLE_ADMIN }
login_display:
pattern: /
defaults: { _controller: EMMyFriendsBundle:Welcome:display }
login:
pattern: /login
defaults: { _controller: EMMyFriendsBundle:Welcome:login}
login_check:
pattern: /login_check
register:
pattern: /register
defaults: { _controller: EMMyFriendsBundle:Welcome:register }
home_display:
pattern: /home
defaults: { _controller: EMMyFriendsBundle:Home:display }
<?php
namespace EM\MyFriendsBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Security\Core\SecurityContext;
class WelcomeController extends Controller
{
public function displayAction()
{
$error=null;
$last_username=null;
return $this->render('EMMyFriendsBundle:Welcome:login.html.twig', array('error' => $error, 'last_username' => $last_username));
}
public function loginAction()
{
$request = $this->getRequest();
$session = $request->getSession();
// get the login error if there is one
if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
$session->remove(SecurityContext::AUTHENTICATION_ERROR);
}
return $this->render('EMMyFriendsBundle:Welcome:login.html.twig', array(
// last username entered by the user
'last_username' => $session->get(SecurityContext::LAST_USERNAME),
'error' => $error
));
}
public function registerAction()
{
return $this->render('EMMyFriendsBundle:Welcome:register.html.twig');
}
}
<?php
namespace EM\MyFriendsBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
class HomeController extends Controller
{
public function displayAction()
{
return $this->render('EMMyFriendsBundle:Home:home.html.twig');
}
}
?>
我有一些类似于您的配置。区别在于我有-{path:^/login$,role:is\u AUTHENTICATED\u ANONYMOUSLY}和-{path:^/register,role:is\u AUTHENTICATED\u ANONYMOUSLY}。不确定这是否可以解决此问题我有一些类似于您的配置。区别在于我有-{path:^/login$,role:IS_AUTHENTICATED_ANONYMOUSLY}和-{path:^/register,role:IS_AUTHENTICATED_ANONYMOUSLY}。不确定这是否可以解决此问题