2

我刚刚使用 ORM 和 MySQL 为 Symfony2 安装了 FOSUserBundle,但我无法使注册页面可供匿名用户使用。

如果我去

http://myapp.localhost/login

它显示登录表单,但是如果我去:

http://myapp.localhost/register

它会将我重定向回登录表单。

这就是问题所在,如果我在login屏幕上登录,然后导航到register屏幕,就会显示注册表单。

查看日志,这是我得到的:

request.INFO: Matched route "fos_user_registration_register" 
(parameters: "_controller":
 "Symfony\Bundle\FrameworkBundle\Controller\RedirectController::urlRedirectAction",
   "path": "/register/",
   "permanent": "true",
   "scheme": "null",
   "httpPort": "80",
   "httpsPort": "443", "_route": "fos_user_registration_register") [] []

 request.INFO: Matched route "fos_user_registration_register" 
 (parameters: "_controller": 
 "FOS\UserBundle\Controller\RegistrationController::registerAction", 
 "_route": "fos_user_registration_register") [] []

  security.INFO: Populated SecurityContext with an anonymous Token [] []
  [2013-08-12 13:48:37] event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
  [2013-08-12 13:48:37] security.DEBUG: Access is denied (user is not fully authenticated) by "/usr/share/www/etsytracker/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php" at line 73; redirecting to authentication entry point [] []

所以看起来我得到了一个匿名令牌,但是 Symfony 说我没有完全通过身份验证并将我踢到登录页面。

这是我的 security.yml 文件:

security:
acl:
   connection: default
encoders:
   FOS\UserBundle\Model\UserInterface: sha512

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

providers:
    fos_userbundle:
        id: fos_user.user_provider.username

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
        logout: true
        anonymous: true

    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

access_control:
    - { path: ^/register$,                roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/login$,                   roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/resetting$,               roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/,                         roles: 'ROLE_USER'  }
    - { path: ^/admin,                    roles: 'ROLE_ADMIN' }

和我关于 FOSBundle 的 config.yml:

fos_user:
  db_driver: orm
  firewall_name: main
  user_class: TestBundle\MyTestBundle\Entity\Users
4

2 回答 2

1

正如 m0c 指出的那样。

在我的 config.yml 文件中,我认为^/路径只能由经过身份验证的用户访问,并且我只将^login$路径列入白名单,而不是^/register$路径。

删除^/该路径的角色,解决了这个问题。

于 2013-08-12T20:16:12.453 回答
1

只需为安全区域创建另一个规则。

前任。:

access_control:
    - { path: ^/register$,  roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/login$,     roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/resetting$, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/dashboard,  roles: 'ROLE_USER' }
    - { path: ^/.*,         roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
    - { path: ^/admin,      roles: 'ROLE_ADMIN' }
于 2013-08-13T09:09:46.630 回答