
According to the Symfony 2 documentation, by default, if a user tries to access a secured page they are sent to the login page and, after logging in successfully, they are redirected to the original page they intended to access (reference).

But in my application the user is always redirected to /, regardless of whether they tried to access mysite.com/blog/post/2/edit.

Here is my security.yml:

jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        main:
            entity: {class: Done\PunctisBundle\Entity\User, property: username}

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            remember_me:
                key: "%secret%"
                lifetime: 3600
                path: /
                domain: ~
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: /login
                check_path: /login_check
            logout:
                path:   /logout
                target: /

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/signup, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/verification, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/popup/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ajax/track, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ajax/socialbox, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }

    encoders:
        Done\PunctisBundle\Entity\User:
            algorithm:   md5
            iterations: 1
            encode_as_base64: false

And the login form:

<?php $view->extend('DonePunctisBundle:TemplateBases:default.html.php'); ?>

<?php $view['slots']->start('body') ?>
    <h1 class="worldH1">
        Effettua il <span>login</span> su Punctis<br>e inizia a guadagnare!
    </h1>
    <div id="loginContent" class="container pageContent">
        <?php if (isset($error)) { ?>
            <div class="alert alert-error">
                <?= $error->getMessage() ?>
            </div>
        <?php } else { ?>
            <div class="alert">
                <strong>SEI NUOVO?</strong> Se non hai ancora un account, <a href="#">registrati</a> in meno di un minuto!
            </div>
        <?php } ?>
        <div id="loginForm">
            <div class="row">
                <div class="span3">
                    <h2>Logina via Social</h2>
                    <p>
                        <a href="#" id="signupFacebookStart" class="socialButton"><?= $this->get('translator')->trans('login.via.facebook', array(), 'front') ?></a>
                    </p>
                    <p>
                        <a href="#" id="signupTwitterStart" class="socialButton tw"><?= $this->get('translator')->trans('login.via.twitter', array(), 'front') ?></a>
                    </p>
                </div>
                <div class="span4">
                    <div id="loginFormCanvas">
                        <h2>Logina via Mail</h2>
                        <form action="<?php echo $view['router']->generate('done_punctis_user_login_check') ?>" method="post">
                            <label class="control-label required" for="login_email">Mail:</label>
                            <?php /* last_username comes back from the failed attempt, so escape it before echoing */ ?>
                            <input type="text" value="<?php echo isset($last_username) ? $view->escape($last_username) : ''; ?>" id="login_email" name="_username" class="input-large">

                            <label class="control-label required" for="login_password">Password:</label>
                            <input type="password" name="_password" value="" id="login_password" class="input-large">

                            <label for="remember_me" class="checkbox"><input type="checkbox" id="remember_me" name="_remember_me" checked /> Remember me</label>
                            <?php /* fixed post-login target sent along with the credentials */ ?>
                            <input type="hidden" name="_target_path" value="/" />
                            <button class="btn btn-primary" type="submit">Login</button> <a id="loginForgetPass" href="#">Password Dimenticata?</a>
                        </form>
                    </div>
                    <div class="clear"></div>
                </div>
            </div>
        </div>
    </div>
<?php $view['slots']->stop() ?>

2 Answers


By default, the form login strategy for the target path is this: when a user tries to access a secured page without being authenticated, the path is stored in the session before the redirect to the login page. After a successful login the user is then redirected to that path. But there are two ways to disable this mechanism.

If you set the always_use_default_target_path option to TRUE, the path is not stored and the user is always redirected to the configured default_target_path (default /) after a successful login.

If you add a _target_path parameter to the request, the user is redirected after a successful login to the path contained in that parameter.

So in your example the user is always redirected to the path / after login because your login form contains a hidden _target_path field whose value is /.

answered 2013-01-11T08:37:46.470

In the form_login section of the firewall in security.yml you have to specify that the referer should be used:

security:
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        main:
            entity: {class: Done\PunctisBundle\Entity\User, property: username}

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            remember_me:
                key: "%secret%"
                lifetime: 3600
                path: /
                domain: ~
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: /login
                check_path: /login_check
                use_referer: true
            logout:
                path:   /logout
                target: /

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/signup, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/verification, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/popup/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ajax/track, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ajax/socialbox, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }

    encoders:
        Done\PunctisBundle\Entity\User:
            algorithm:   md5
            iterations: 1
            encode_as_base64: false
answered 2013-01-11T10:36:13.823
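To make the interaction between the options named in both answers concrete (the hidden _target_path field, the path saved in the session, always_use_default_target_path and use_referer), here is an added example that is not code from the question or from Symfony itself: a stand-alone model of the order in which Symfony 2's form_login success handler picks the post-login redirect. The function name resolveTargetUrl, the array-based request and session, and the sample values are assumptions made for this illustration.

```php
<?php
// Added example, not the project's own code and not Symfony's implementation:
// a stand-alone model of the precedence Symfony 2's form_login success handler
// uses to choose the redirect target after a successful login.
// Names (resolveTargetUrl, $request/$session arrays, $loginUrl) are assumptions.

function resolveTargetUrl(array $options, array $request, array &$session,
                          ?string $referer, string $firewall, string $loginUrl): string
{
    // Defaults match the form_login option defaults.
    $options += [
        'always_use_default_target_path' => false,
        'default_target_path'            => '/',
        'target_path_parameter'          => '_target_path',
        'use_referer'                    => false,
    ];
    // 1. always_use_default_target_path: nothing else is consulted.
    if ($options['always_use_default_target_path']) {
        return $options['default_target_path'];
    }
    // 2. A _target_path request parameter is checked next. The hidden field in
    //    the question's form sets it to "/" on every login, so it always wins here.
    $param = $options['target_path_parameter'];
    if (!empty($request[$param])) {
        return $request[$param];
    }
    // 3. The path stored in the session when the anonymous user was bounced
    //    from a ROLE_USER page to /login; it is consumed once, as Symfony does.
    $key = "_security.$firewall.target_path";
    if (!empty($session[$key])) {
        $target = $session[$key];
        unset($session[$key]);
        return $target;
    }
    // 4. Referer, only with use_referer: true and only if it is not the login form.
    if ($options['use_referer'] && !empty($referer) && $referer !== $loginUrl) {
        return $referer;
    }
    // 5. Fallback.
    return $options['default_target_path'];
}

// Constructed sample: the user asked for /blog/post/2/edit, was sent to /login
// by the access_control rule for ^/, and now POSTs to /login_check.
$session  = ['_security.main.target_path' => '/blog/post/2/edit'];
$loginUrl = 'http://mysite.com/login';

// As posted: the hidden field is present, so step 2 decides and the session is ignored.
echo resolveTargetUrl([], ['_target_path' => '/'], $session, $loginUrl, 'main', $loginUrl), "\n";
// Hidden field removed from the form: step 3 returns the stored path and clears it.
echo resolveTargetUrl([], [], $session, $loginUrl, 'main', $loginUrl), "\n";
// Session already consumed; use_referer alone does not help when the referer is the login page.
echo resolveTargetUrl(['use_referer' => true], [], $session, $loginUrl, 'main', $loginUrl), "\n";
```

Steps 2 and 4 take their value from the request, so a handler that accepts them should restrict the result to a relative, same-site path before redirecting; the model above deliberately reproduces only the precedence, not that check.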