这是我的第一个 Symfony 2 应用程序,我正在尝试注销当前登录的用户。
这是我的 app/config/security.yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
memory:
users:
user0: { password: user0, roles: [ 'ROLE_ADMIN' ] }
user1: { password: user1, roles: [ 'ROLE_SUPER_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/demo/secured/login$
security: false
secured_area:
pattern: ^/
logout: ~
anonymous: ~
http_basic:
realm: "Secured Area"
access_control:
- { path: ^/question/*, roles: ROLE_ADMIN }
- { path: ^/questiongroup/*, roles: ROLE_ADMIN }
- { path: ^/answer/*, roles: ROLE_ADMIN }
- { path: ^/newslettertemplate/*, roles: ROLE_ADMIN }
- { path: ^/customer/*, roles: ROLE_SUPER_ADMIN }
- { path: ^/statistics/*, roles: ROLE_SUPER_ADMIN }
我在 routing.yml 中创建了注销条目,如 symfony 安全文档中所述:
logout:
path: /logout
当我创建指向“注销”的链接时,我确实被重定向到“/”,这没关系。但是用户仍然是经过身份验证的,这意味着实际的注销不起作用。