10

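I'm not new to Symfony by any means, but I have always used FOSUserBundle, which by default prevents one from using 2 different login forms to authenticate two different user types.

I have two entities, one is Admins and the other is Users. Admins can only log in in the admin area, and likewise users can only log in via the front end.

I followed: http://symfony.com/doc/2.1/book/security.html which also led me to http://symfony.com/doc/2.1/cookbook/security/entity_provider.html

My security.yml is: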

jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    encoders:
        Symfony\Component\Security\Core\User\User: sha512
        Fm\AdminBundle\Entity\Admins: sha512
        Fm\MainBundle\Entity\Users: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        chain_provider:
            chain:
                providers: [in_memory, admin]
        in_memory:
            memory:
                users:
                    user:  { password: userpass, roles: [ 'ROLE_USER' ] }
                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }

        admin:
            entity: { class: Fm\AdminBundle\Entity\Admins, property: username }


    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
            anonymous: true

        alogin:
            pattern:  ^/admin/login
            security: false
        login:
            pattern:  ^/login
            security: false
        secured_area:
            pattern:    ^/admin
            anonymous: false
            provider: chain_provider
            switch_user: true
            form_login:
                check_path: /admin/login_check
                login_path: /admin/login
            logout:
                path:   /admin/logout
                target: /admin
        members_area:
            pattern: ^/
            anonymous: false
            form_login: ~
            logout:
                path: /logout
                target: /
            #anonymous: ~
            #http_basic:
            #    realm: "Secured Demo Area"

    access_control:
        - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, roles: ROLE_ADMIN }

In my routes, I have defined the routes as in the docs: (they default to /admin/login and /admin/login_check because of my main routing include, where /admin is set)

_admin_login:
    pattern:   /login
    defaults:  { _controller: FmAdminBundle:Security:login }

_admin_login_check:
    pattern:   /login_check

The error I get in the browser is:

Unable to find the controller for path "/admin/login_check". Maybe you forgot to add the matching route in your routing configuration?

The stack trace tells me: WARNING - Unable to look for the controller as the "_controller" parameter is missing

ERROR - Symfony\Component\HttpKernel\Exception\NotFoundHttpException: Unable to find the controller for path "/admin/login_check". Maybe you forgot to add the matching route in your routing configuration? (uncaught exception) at /var/www/mysite.dev/symfony/app/bootstrap.php.cache line 1419

4

2 Answers

11

To implement multiple login in symfony 2XX, try the following code

security.yml

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        Company\AngularBundle\Entity\User: plaintext
        Company\AngularBundle\Entity\Admin: plaintext

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
       users:
           entity: { class: CompanyAngularBundle:User, property: username }
       admin:
           entity: { class: CompanyAngularBundle:Admin, property: username }

    firewalls:
        admin_secured_area:
            pattern:   ^/admin
            anonymous: ~
            provider: admin
            form_login:
                login_path: /admin/login
                check_path: /admin/login_check
                default_target_path: /admin

        user_secured_area:
            pattern:   ^/
            anonymous: ~
            provider: users
            form_login:
                login_path: login
                check_path: login_check
                default_target_path: /home

routing.yml

login_check:
    path: /login_check
admin_login_check:
   path: /admin/login_check

Twig file

Action of login form should be like this
<form action="{{ path('login_check') }}" method="post">

Action of admin/login form should be like this
<form action="{{ path('admin_login_check') }}" method="post">
answered 2014-07-03T06:19:25.700
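Why the firewall layout in the answer above behaves differently from the one in the question, as an added example (not code from either post or from Symfony): Symfony hands each request to the first firewall whose `pattern` matches, and a firewall with `security: false` runs no authentication listeners. The Python model below is a simplification that assumes matching by path pattern only; the patterns are copied from the two configs on this page, and `/login_check` is the `form_login` default `check_path`.

```python
import re

# (name, pattern, security enabled) in declaration order.
# Patterns copied from the question's security.yml.
QUESTION_FIREWALLS = [
    ("dev", r"^/(_(profiler|wdt)|css|images|js)/", False),
    ("alogin", r"^/admin/login", False),
    ("login", r"^/login", False),
    ("secured_area", r"^/admin", True),
    ("members_area", r"^/", True),
]

# Patterns copied from the answer's security.yml.
ANSWER_FIREWALLS = [
    ("admin_secured_area", r"^/admin", True),
    ("user_secured_area", r"^/", True),
]


def select_firewall(firewalls, path):
    """Return (name, security_enabled) for the first firewall matching path."""
    for name, pattern, enabled in firewalls:
        if re.search(pattern, path):
            return name, enabled
    return None, False


def check_path_intercepted(firewalls, owner, check_path):
    """True if owner's form_login listener gets to see requests to check_path.

    The request must be handed to `owner` itself, and that firewall must
    have security enabled; otherwise no authentication listener runs.
    """
    return select_firewall(firewalls, check_path) == (owner, True)


if __name__ == "__main__":
    cases = [
        ("question", QUESTION_FIREWALLS, "secured_area", "/admin/login_check"),
        ("question", QUESTION_FIREWALLS, "members_area", "/login_check"),
        ("answer", ANSWER_FIREWALLS, "admin_secured_area", "/admin/login_check"),
        ("answer", ANSWER_FIREWALLS, "user_secured_area", "/login_check"),
    ]
    for label, fws, owner, path in cases:
        hit, _ = select_firewall(fws, path)
        ok = check_path_intercepted(fws, owner, path)
        print(f"{label:8} {path:20} -> {hit:18} form_login sees it: {ok}")
```

In the question's layout `^/admin/login` also matches `/admin/login_check`, so the request skips `secured_area` and goes straight to routing, where the `_admin_login_check` route has no `_controller`; that is consistent with the error quoted in the question.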
3

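The problem is that after logging in to the "secured_area" firewall you are redirected to "/", which is behind the "members_area" firewall. You cannot access "members_area" with credentials from "secured_area" (at least not by default). Read the details at http://symfony.com/doc/current/reference/configuration/security.html#reference-security-firewall-context.

If you look at the security configuration (http://symfony.com/doc/current/reference/configuration/security.html), you will see that the default_target_path of form_login is "/". Just change it to /admin: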

security:
    ...

    firewalls:
    ...
        secured_area:
            pattern:    ^/admin
            ...
            form_login:
                check_path: /admin/login_check
                login_path: /admin/login
                default_target_path: /admin
            logout:
    ...

Another way is to share the context as described in the first link (http://symfony.com/doc/current/reference/configuration/security.html#reference-security-firewall-context).

answered 2013-03-13T08:14:30.250