
I have a custom user provider, following this guide:

http://symfony.com/doc/current/cookbook/security/custom_provider.html

Everything works fine, but I can't access the restricted area.

In my UserProvider class I set the $roles var to have array("ROLE_USER"), which is the permission I need to access the route app/list, but when I go to app/list, Symfony redirects me to login again and again.

I have looked at the debug toolbar, and its result is:

Username    anon.
Authenticated?   yes
Roles   { }
Token class Symfony\Component\Security\Core\Authentication\Token\AnonymousToken

My security.yml file is:

security:
    firewalls:
        secured_area:
            pattern:    ^/
            anonymous: ~
            form_login: ~
            http_basic:
                realm: "Secured Demo Area"
            form_login:
                provider: webservice
                login_path: login
                check_path: login_check
                always_use_default_target_path: true
                default_target_path: listado_actas
            logout:
                path:   logout
                target: login

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY }

    providers:
        webservice:
            id: webservice_user_provider

    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        Actas\Gestion\UserBundle\Security\User\WebServiceUser:
            id: my.encoder.service

My UserProvider class looks like this. I just call an XML service, which gives me a token that I will store in my User class:

public function loadUserByUsername($username)
{
    $salt = "";
    $roles = "";
    // make a call to your webservice here

    $password = $this->request->get('_password');
    $xml_interface = new XMLInterfaceBundle();
    $token = $xml_interface->requestLogin($username, $password);

    if (strlen($token) > 10) {
        $roles = array("ROLE_USER");
        $salt  = "";
        return new WebserviceUser($username, $password, $salt, $roles, $token);
    }

    throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
}

This is my User object in DaoAuthenticationProvider::checkAuthentication():

Actas\Gestion\UserBundle\Security\User\WebserviceUser Object
(
    [username:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] => 44886706X
    [password:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] => 44886706XkCrDP
    [salt:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] => 
    [roles:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] => Array
        (
            [0] => ROLE_ADMIN
        )

    [my_token:Actas\Gestion\UserBundle\Security\User\WebserviceUser:private] => 
)

This is my routing.yml:

xml_interface:
    resource: "@XMLInterfaceBundle/Resources/config/routing.yml"
    prefix:   /

actas:
    resource: "@ActasBundle/Resources/config/routing.yml"
    prefix:   /

login:
    pattern:   /login
    defaults:  { _controller: UserBundle:Default:login }

login_check:
    pattern:   /login_check

logout:
    pattern:   /logout

1 Answer


Just try setting the role_hierarchy as follows:

security:
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

Don't forget to set the role of your User object to ROLE_ADMIN, for example, in order to match the role_hierarchy.

answered 2014-01-28T10:15:56.663
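
The role check the answer relies on, as an added example that is not part of the original post and not Symfony's own code: a stand-alone PHP model that expands the page's role_hierarchy and tests ROLE_USER for the dumped user (ROLE_ADMIN) and for the AnonymousToken shown in the debug toolbar (no roles). The function names reachableRoles and holdsRole are hypothetical.

```php
<?php
// Added illustration: a stand-alone model of role-hierarchy expansion.
// It is not Symfony's implementation; the function names are hypothetical.

// Hierarchy copied from the role_hierarchy block on this page.
$hierarchy = [
    'ROLE_ADMIN'       => ['ROLE_USER'],
    'ROLE_SUPER_ADMIN' => ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'],
];

/** Return every role reachable from $roles through $hierarchy (transitive). */
function reachableRoles(array $hierarchy, array $roles): array
{
    $seen  = [];
    $queue = array_values($roles);
    while ($queue !== []) {
        $role = array_shift($queue);
        if (isset($seen[$role])) {
            continue; // already expanded; also protects against cycles
        }
        $seen[$role] = true;
        foreach ($hierarchy[$role] ?? [] as $child) {
            $queue[] = $child;
        }
    }
    $out = array_keys($seen);
    sort($out);
    return $out;
}

/** True when $required is among the roles the token effectively holds. */
function holdsRole(array $hierarchy, array $tokenRoles, string $required): bool
{
    return in_array($required, reachableRoles($hierarchy, $tokenRoles), true);
}

// Constructed cases mirroring the page: the dumped user object (ROLE_ADMIN),
// the AnonymousToken from the debug toolbar (no roles), and a super admin.
$cases = [
    'WebserviceUser [ROLE_ADMIN]' => ['ROLE_ADMIN'],
    'AnonymousToken []'           => [],
    'ROLE_SUPER_ADMIN'            => ['ROLE_SUPER_ADMIN'],
];
foreach ($cases as $label => $roles) {
    printf("%-28s effective=[%s] ROLE_USER=%s\n", $label,
        implode(', ', reachableRoles($hierarchy, $roles)),
        holdsRole($hierarchy, $roles, 'ROLE_USER') ? 'granted' : 'denied');
}
```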