English 中文(简体)
检查:ony子防火墙后面的 t,如何纠正?
原标题:Check_path isn t behind symfony s firewall , how to correct this?

I am trying to authenticate against symfony2 firewall , here is my security config 

security:
    encoders:
        SymfonyComponentSecurityCoreUserUser: plaintext
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
        in_memory:
            users:
                user:  { password: user, roles: [  ROLE_USER  ] }
                admin: { password: admin, roles: [  ROLE_ADMIN  ]}
        #main:
            #entity: { class: SurgeworksCoreBundleEntityUser, property: username}
    firewalls:
        public:
           pattern: .*
           security: false
           anonymous: true
           form_login:
                check_path: /{_locale}/admin/logincheck
        login:
           pattern: ^/{_locale}/admin/login$
           security: false
           anonymous:  ~
        dev:
           pattern:  ^/(_(profiler|wdt)|css|images|js)/
           security: false
           anonymous:  ~
        secured_area :
            provider:   in_memory
            pattern: ^/{_locale}/admin/.*
            form_login:
                check_path: /{_locale}/admin/logincheck
                login_path: /{_locale}/admin/login
            logout:
                path : /{_locale}/admin/logout
                target : /{_locale}/admin/
            remember_me:
               key:      aSecretKey
               lifetime: 3600
               path:     /admin/
               domain:   ~ # Defaults to the current domain from $_SERVER 
    access_control:
        - { path: ^/{_locale}/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/{_locale}/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ar/admin/logincheck, roles: ROLE_ADMIN }
        - { path: ^/(ar|en|fr)/admin/, roles: ROLE_ADMIN }

我的行程载于<代码>。 DaghoSiteBundle/Resources/config/routing.yml :

_admin:
    pattern: /admin/
    defaults: { _controller: DaghoSiteBundle:Login:login , _locale : ar }
    requirements:
     _locale: (ar|en|fr)
login:
    pattern: /admin/login
    defaults : { _controller: DaghoSiteBundle:Login:login , _locale : ar }
    requirements:
        _locale: (ar|en|fr)
logincheck:
    pattern: /admin/logincheck
    #defaults: { _controller: DaghoSiteBundle:Login:logincheck , _locale: ar }
    #requirements:
        #_locale: (ar|en|fr)
logout:
    pattern: /admin/logout

I can t login through these setting , it always throw an exception

Unable to find the controller for path "/ar/admin/logincheck". Maybe you forgot to add the matching route in your routing configuration

and even if had setup the route check_path page >> i would be able to view the check_path without being redirected to login page ..

/en/admin >> login page 
/en/logincheck >> display the logincheck template (i.e  /en/logincheck isn t behind firewall )

请就如何确定或减少这一问题提出建议。

UPDATE: sorry I might forget to write that i had prefixed my bundle with the {_locale} like this in my routing.yml 

DaghoSiteBundle:
    resource: "@DaghoSiteBundle/Resources/config/routing.yml"
    prefix:   /{_locale}
    requirements:
        _locale: ar|en|fr
    defaults: { _locale: ar }
问题回答

我认为,你必须改变其路线模式,以包括你的<条码>-之四>参数。 而不是例如<代码>pattern:>/admin/logincheck。 页: 1

您也可以通过使用一个星座的指令,app/console pathr:debug,对你的路线进行 de弄。

我确信,这不是100%解决你的问题,但我希望这有助于你更多地了解你的问题。

时间:2011-10-17 13:30:25

为什么要你尝试

logincheck:
    pattern: /admin/login_check
    #defaults: { _controller: DaghoSiteBundle:Login:logincheck , _locale: ar }
    #requirements:
        #_locale: (ar|en|fr)
时间:2012-04-13 04:05:06

这解决了我的问题,但我的情况很简单,只有{-地方}才能发挥作用,但也许会帮助你。

From the Security chapter of the Symf2 Book:
Common Pitfalls #3: Be sure /login_check is behind a firewall.

In your security.yml file it looks like your check_path route is /{_locale}/admin/logincheck, and your secured path is anything that s behind ^/{_locale}/admin/.* so that seems to be good.
You might want to try removing the .* (do you really need it?)

and further down the file in the access control section you provide a specific entry to make sure the check_path requires authentication: - { path: ^/ar/admin/logincheck, roles: ROLE_ADMIN }
Maybe try specifying this instead:
- { path: ^/{_locale}/admin/logincheck, roles: ROLE_ADMIN }

但实际上,我很想知道,你甚至在安全中使用{持有人}。 湿度值? 我知道你可以坐在路边,但我不敢肯定,安全通道是否同样运作? 我看不出,在安全或路线各章中的主要 s夫2书中,它被用于任何例子?

时间:2012-06-11 19:17:00


上一篇:
下一篇:


相关问题
ajax login using httpRequest?

I am trying to develop my login script to give feedback to the user if the login is valid or not. Basically if it isn t correct a div box will show saying its wrong, if its correct it will show its ...

时间:2009-11-14 12:18:03 回答:4 展示:1
Remotely authenticating client Windows user on demand

Suppose I am writing a server for a particular network protocol. If I know that the client is running on a Windows machine, is it possible for my server to authenticate the Windows user that owns the ...

时间:2009-11-14 11:57:12 回答:1 展示:1
Role/Permission based forms authorizing/authentication?

While looking into forms authorizing/authentication, I found that it is possible to do role based authorizing by adding an array of roles to a FormsAuthenticationTicket. That way I can write User....

时间:2009-11-05 23:14:23 回答:1 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全