1. 首頁
  2. 問答
  3. Symfony2的登錄一直說不好憑據

Symfony2的登錄一直說不好憑據

2013-11-25 26 views
0

你好,我跟着這個教程: http://symfony.com/doc/current/cookbook/security/entity_provider.htmlSymfony2的登錄一直說不好憑據

我security.yml:

security: 
    encoders: 
     Symfony\Component\Security\Core\User\User: plaintext 
     modules\UserBundle\Entity\User: 
      algorithm:  sha1 
      encode_as_base64: false 
      iterations:  1 

    role_hierarchy: 
     ROLE_ADMIN:  ROLE_USER 
     ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] 

    providers: 
     chain_provider: 
      chain: 
       providers: [in_memory, user_db] 
     in_memory: 
      memory: 
       users: 
        test: { password: test } 
     user_db: 
      entity: { class: modulesUserBundle:User } 

    firewalls: 
     dev: 
      pattern: ^/(_(profiler|wdt)|css|images|js)/ 
      security: false 

     login: 
      pattern: ^/demo/secured/login$ 
      security: false 

     login_firewall: 
      pattern: ^/login$ 
      anonymous: ~ 

     secured_area: 
      pattern: ^/ 
      provider: user_db 
      http_basic: 
       realm: "Secured Demo Area" 
       provider: in_memory 
      form_login: ~ 

      logout: 
       path: _demo_logout 
       target: _demo 
      #anonymous: ~ 
      #http_basic: 
      # realm: "Secured Demo Area" 

     admin_area: 
      pattern: ^/admin 
      http_basic: ~ 

    access_control: 
     - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: ^/admin/users, roles: ROLE_SUPER_ADMIN } 
     - { path: ^/admin, roBad credentialsles: ROLE_ADMIN } 
     #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

在數據庫中我有這樣的:

用戶:

(id, username, salt, password, email, is_active) 
(1,'admin','123456','7c4a8d09ca3762af61e59520943dc264','[email protected]',1) 
(2,'bruno','123456','7c4a8d09ca3762af61e59520943dc264','[email protected]',1)

角色:

(id, name, role) 
(1,'Admin','ROLE_ADMIN') 
(2,'User','ROLE_USER')

USER_ROLE:

(user_id, role_id) 
(1,1) 
(2,2)

每次我試圖從DB一個用戶我 「壞憑據」 登錄。 但是,如果我用'測試'用戶登錄,在in_memory中定義,沒有問題

我認爲錯誤是在我的security.yml中。但是我做錯了什麼?

來源

2013-11-25 BrunoRamalho

+1

你檢查日誌文件? –

回答

1

你是怎麼在DB中註冊這個用戶的?我可以以純文本的方式看到用戶密碼,所以我想在登錄過程中,它會在你的配置文件中加入密碼,並且在hole進程編碼後傳遞!= db pass,所以它不能進行登錄。編碼數據庫密碼,我相信會永久運行
如果你正在加載燈具,使用$ user-> setPlainPassword('pass')來存儲用戶的密碼,比較db值與新的值,看看他們有多不同
我希望它能幫助你

來源

2013-11-25 11:16:05 Imanol

+0

我使用相同的SHA1使用鹽和密碼,因爲我不確定鹽。帖子編輯 – BrunoRamalho

0

固定:
security.yml

security: 
    encoders: 
     Symfony\Component\Security\Core\User\User: plaintext 
     modules\UserBundle\Entity\User: 
      algorithm:  sha1 
      encode_as_base64: false 
      iterations:  1 

    role_hierarchy: 
     ROLE_ADMIN:  ROLE_USER 
     ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] 

    providers: 
     administrators: 
      entity: { class: modulesUserBundle:User } 

    firewalls: 
     login_firewall: 
      pattern: ^/login$ 
      anonymous: ~ 
     secured_area: 
      pattern: ^/ 
      provider: administrators 
      form_login: ~ 

    access_control: 
    - { path: ^/admin/, roles: ROLE_ADMIN }

來源

2013-11-25 12:16:10 BrunoRamalho

相關問題

 相關問題