5

我已经按照官方文档使用 symfony 2 标准发行版提供的安全性来验证我的用户,通过 Doctrine2 将它们持久保存在数据库中,关于配置似乎一切正常,但我总是得到同样的错误:Bad Credentials

我已经使用 DoctrineFixturesBundle 加载了一些用户和角色,并且似乎可以完成加载。所以,我认为问题出在身份验证过程中的某个地方,这对我来说是透明的......我不知道如何调试它,希望有任何帮助......

谢谢!如果您需要任何其他代码片段,请告诉我,我将编辑问题。我没有在这里粘贴代码,以使问题更具可读性......

编辑2:正如@Dieter所建议的,我检查了日志,似乎没有数据传递给查询,这很奇怪,因为我遵循了他们在食谱中提到的每一个约定......这也是我的定义登录表格。对不起,很长的问题!任何帮助将不胜感激!

LoginType.php 的片段:

  public function buildForm(FormBuilder $builder, array $options) {
    $builder->add('_username', 'text', array(
        'label' => 'Email ',
        'required' => true,
    ));
    $builder->add('_password', 'password', array(
        'label' => 'Password ',
        'required' => true,
    ));
    $builder->add('_remember_me', 'checkbox', array(
        'label' => 'Remember me ',
        'required' => false,
    ));
  }

app/logs/dev.log 输出:

[2012-04-17 03:43:01] event.DEBUG: Notified event "kernel.request" to listener
                      "Symfony\Component\Security\Http\Firewall::onKernelRequest".
                      [] []
[2012-04-17 03:43:01] doctrine.DEBUG: SET NAMES UTF8 ([]) [] []
[2012-04-17 03:43:01] doctrine.DEBUG: SELECT t0.id AS id1, t0.username AS
                      username2, t0.salt AS salt3, t0.password AS password4,
                      t0.is_active AS is_active5, t0.mailer_id AS mailer_id6
                      FROM SfUser t0 WHERE t0.username = ? (["NONE_PROVIDED"])
                      [] []
[2012-04-17 03:43:01] security.INFO: Authentication request failed: Bad
                      credentials [] []
[2012-04-17 03:43:01] security.DEBUG: Redirecting to / [] []

编辑:由于我的 pastebin 链接已过期,并且正如 Peter Polfey 所建议的,这是代码:

这是我的 security.yml

security:
    encoders:
        ElCuadre\AccountBundle\Entity\User: sha512

    role_hierarchy:
        ROLE_ADMIN:       [ROLE_USER, ROLE_PROVIDER]
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_PROVIDER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        user_db:
            entity: { class: ElCuadre\AccountBundle\Entity\User, property: username}

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
        secured_area:
            pattern:  ^/
            anonymous: ~
            form_login:
                login_path: /
                check_path: /login_check
            logout:
                path:   /logout
                target: /
            remember_me:
              key:      %secret%
              lifetime: 3600
              path:     /
              domain:   ~ # Defaults to the current domain from $_SERVER

    access_control:
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }

和我的控制器:

public function loginAction() {
    $request = $this->getRequest();
    $session = $request->getSession();

    // get the login error if there is one
    if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
      $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
    } else {
      $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
      $session->remove(SecurityContext::AUTHENTICATION_ERROR);
    }

    $form = $this->createForm(new LoginType());
    return $this->render(
                    'ElCuadreAccountBundle:Auth:login.html.twig',
                     array(
                         'form'         => $form->createView(),
                         'last_username' => $session->get(
                                              SecurityContext::LAST_USERNAME),
                         'error'       => $error,
                         )
    );
}

这是夹具文件的代码:

<?php

namespace ElCuadre\AccountBundle\DataFixtures\ORM;

use Doctrine\Common\Persistence\ObjectManager;
use Doctrine\Common\DataFixtures\FixtureInterface;
use Doctrine\Common\DataFixtures\AbstractFixture;
use ElCuadre\AccountBundle\Entity\User;
use ElCuadre\AccountBundle\Entity\Role;
use Symfony\Component\DependencyInjection\ContainerAwareInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;

class LoadAccountData extends AbstractFixture implements FixtureInterface, ContainerAwareInterface {

  private $container;

  public function setContainer(ContainerInterface $container = null) {
    $this->container = $container;
  }

  private function loadRole($manager, $name, $roleName) {
    $role = new Role();
    $role->setName($name);
    $role->setRole($roleName);
    $manager->persist($role);
    $manager->flush();
    return $role;
  }

  private function loadUser($manager, $username, $password, $roles) {
    $user = new User();
    $user->setUsername($username);
    $encoder = $this->container->get('security.encoder_factory')->getEncoder($user);
    $user->setPassword($encoder->encodePassword($password, $user->getSalt()));
    foreach ($roles as $role) {
      $user->addRole($role);
    }
    $manager->persist($user);
    $manager->flush();
  }

  public function load(ObjectManager $manager) {
    // Roles:
    $roleUser = $this->loadRole($manager, 'user', 'ROLE_USER');
    $roleProvider = $this->loadRole($manager, 'provider', 'ROLE_PROVIDER');
    $roleAdmin = $this->loadRole($manager, 'admin', 'ROLE_ADMIN');
    $roleSuperAdmin = $this->loadRole($manager, 'superadmin', 'ROLE_SUPER_ADMIN');
    // Users:
    $this->loadUser($manager, 'user@elcuadre.com', 'userpass', $roleUser);
    $this->loadUser($manager, 'provider@elcuadre.com', 'providerpass', $roleProvider);
    $this->loadUser($manager, 'admin@elcuadre.com', 'adminpass', $roleAdmin);
    $this->loadUser($manager, 'superadmin@elcuadre.com', 'superadminpass', $roleSuperAdmin);
  }
}
4

1 回答 1

9

如果我发生类似的错误,那么 app/logs/dev.log 或 /var/log/apache2/error.log 等系统日志中总会显示某种问题。
你看到那里有什么弹出来的吗?

编辑:作为对您的新信息的反应

您自己构建该表单是否有原因?如您参考的文档中所述,您可以制作树枝模板并将字段命名为“_username”和“_password”。那么魔法应该为你完成。

于 2012-04-14T08:50:00.243 回答