2

I want to access a REST webservice which is provided by symfony2 and FOSRestBundle. I use HTTP Base Authentication. Unfortunately i cannot figure out, how to get the HTTP codes 401 and 403 back, if the authentication stuff is not (correct) provided.

This is how i call the service with jquery/AJAX:

$.ajax({
                url: url + "/api/places.json",
                type: 'GET',
                data: {data}, 
                dataType: "json",
                beforeSend: function(xhr) {
                    xhr.setRequestHeader('Authorization', auth);
                }
            }).done( function(data, textStatus, xhr) {
                console.log('JSONAdapter.findPlacesByUser '+xhr.status);
                callback(data);
            }).fail( function(xhr, err) {
                console.log('JSONAdapter.findPlacesByUser ERROR '+err+': '+xhr.status+' '+xhr.responseText);
            });

Neither the 'done' nor the 'fail' function is executed when i provide wrong or none Authorization data.

Even with this stuff (in the same file as where i place the above AJAX call) i can't get any error message or status code:

$(document).ajaxError(function(event, jqxhr, settings, exception) {
        console.log('ajaxError');
        if(jqxhr.status == 403)
        {
            console.log('Not authorized');
        }
    });

This is my FOSRestBundle configuration in symfonys config.yml:

twig:
debug:            %kernel.debug%
strict_variables: %kernel.debug%
exception_controller: 'FOS\RestBundle\Controller\ExceptionController::showAction'

fos_rest:
view:
    view_response_listener: 'force'
    failed_validation: HTTP_BAD_REQUEST
    default_engine: php
    formats:
        json: true
        xml: false
        rss: false
format_listener:
    prefer_extension: true
body_listener:
    decoders:
        json: fos_rest.decoder.json
param_fetcher_listener: true
allowed_methods_listener: true
access_denied_listener:
    json: true
exception:
    codes:
        'Symfony\Component\Routing\Exception\ResourceNotFoundException': 404
        'Doctrine\ORM\OptimisticLockException': HTTP_CONFLICT
        'Symfony\Component\Security\Core\Exception\AuthenticationException': 401
        'Symfony\Component\Security\Core\Exception\AccessDeniedException': 403

security.yml:

jms_security_extra:
    secure_all_services: false
    expressions: true
security:
    encoders:
        XXXX\UserBundle\Entity\User: 
            algorithm:   sha1
            iterations: 1
            encode_as_base64: false
    providers:
        api_users:
            entity: { class: XXXXUserBundle:User, property: email }
    firewalls:
        rest_webservice:
            pattern: ^/api
            stateless: true
            http_basic:
                provider: api_users
                realm: "XXXX API"

Guess you see, that i have tried some stuff (e.g. the last two lines). But right now i am stuck and don't know where to start debugging.

How can i receive the HTTP status codes when Authentication is needed or when it fails?

Any help would be appreciated :-)

4

1 回答 1

0

请通过更改您的 config.yml 来尝试此操作

exception:
        codes:
            'acme\RestBundle\Exceptions\RestAuthenticationFailedException' : 403

使用 Restbundle 身份验证异常处理程序。这对我有用。而且你必须\acme\RestBundle\Exceptions\RestAuthenticationFailedException()从你的 REST 控制器中抛出。

于 2013-05-06T06:47:18.183 回答