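I thought I had finally managed to handle login correctly in Symfony 2. But when I am redirected to another page after logging in, the profiler tells me that the user is logged in but not authenticated, with the role: ROLE_USER.
The profiler shows me the user logged in but not authenticated.
If I go back to the login page, however, I am correctly logged in, authenticated, and have the role: ROLE_USER.
I hope this is a silly mistake, since I only recently started using Symfony. Hopefully someone has already run into this problem? Can anyone help me?
Edit 1: This is my security.yml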
```yaml
jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    encoders:
        Wearplay\UserBundle\Entity\User:
            algorithm: sha1
            encode_as_base64: false
            iterations: 1

    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        #ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        user:
            entity: { class: WearplayUserBundle:User }

    firewalls:
        main:
            pattern: ^/
            provider: user
            form_login:
                check_path: login_check
                login_path: login
                default_target_path: /home
            anonymous: true
            remember_me:
                key: "%secret%"
                lifetime: 2232000
                path: /
                domain: ~
            logout:
                path: /logout
                target: /home
        #secured_area:
        #    provider: user
        #    pattern: ^/
        #    form_login:
        #        check_path: login_check
        #        login_path: login
        #        default_target_path: home
        #    anonymous: ~

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: http }
        #- { path: ^/logout, roles: IS_AUTHENTICATED_FULLY, requires_channel: https }
        #- { path: ^/home, roles: ROLE_USER, requires_channel: https }
        #
        # You must uncomment the two following rules to restrict access to paths
        # starting with the /_internal prefix to only localhost
        #- { path: ^/_internal/secure, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
        #- { path: ^/_internal/secure, roles: ROLE_NO_ACCESS }
```
Did you check Symfony's rules about the difference between 'IS_AUTHENTICATED_FULLY' and 'IS_AUTHENTICATED_REMEMBERED'? [Some documentation about it](http://symfony.com/doc/current/cookbook/security/remember_me.html#forcing-the-user-to-re-authenticate-before-accessing-certain-resources) – 2013-03-21 01:16:19
@ThomasPotaire Thanks. But once you are logged in and the user automatically gets the role ROLE_USER, does it also get IS_AUTHENTICATED_FULLY? – 2013-03-21 16:36:50
'IS_AUTHENTICATED_FULLY' is granted until the user closes the tab/window (it may be more complicated than that, but you get the idea). – 2013-03-21 19:30:52
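
An added example, not part of the thread and not Symfony's own code: a simplified PHP model of how the three `IS_AUTHENTICATED_*` attributes discussed in the comments relate to the way the session was established, and how that differs from holding `ROLE_USER`. The token-type labels, the function names and the `/account` rule are assumptions for illustration, and the role hierarchy is ignored.

```php
<?php
// Simplified model. $tokenType (constructed labels) says how the session began:
// 'anonymous', 'remember_me' (restored from cookie) or 'form_login'.
function authLevel($tokenType)
{
    $levels = array('anonymous' => 0, 'remember_me' => 1, 'form_login' => 2);
    if (!isset($levels[$tokenType])) {
        throw new InvalidArgumentException("unknown token type: $tokenType");
    }
    return $levels[$tokenType];
}

function isGranted($attribute, $tokenType, array $roles)
{
    // Each level implies the ones below it.
    $required = array(
        'IS_AUTHENTICATED_ANONYMOUSLY' => 0,
        'IS_AUTHENTICATED_REMEMBERED'  => 1,
        'IS_AUTHENTICATED_FULLY'       => 2,
    );
    if (isset($required[$attribute])) {
        return authLevel($tokenType) >= $required[$attribute];
    }
    // Anything else is treated as a role name such as ROLE_USER.
    return in_array($attribute, $roles, true);
}

// The first matching access_control rule decides, as in security.yml.
function checkAccess($path, array $rules, $tokenType, array $roles)
{
    foreach ($rules as $rule) {
        if (preg_match('#' . $rule['path'] . '#', $path)) {
            return isGranted($rule['roles'], $tokenType, $roles);
        }
    }
    return true; // no rule matched: access_control imposes no requirement
}

$rules = array(
    array('path' => '^/login',   'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'),
    array('path' => '^/account', 'roles' => 'IS_AUTHENTICATED_FULLY'), // hypothetical rule
    array('path' => '^/home',    'roles' => 'ROLE_USER'),
);
$sessions = array('anonymous' => array(), 'remember_me' => array('ROLE_USER'),
                  'form_login' => array('ROLE_USER')); // constructed sample sessions
foreach ($sessions as $type => $roles) {
    foreach (array('/login', '/home', '/account/password') as $path) {
        $ok = checkAccess($path, $rules, $type, $roles);
        printf("%-12s %-18s %s\n", $type, $path, $ok ? 'allowed' : 'denied');
    }
}
```

In this model a session restored from the remember-me cookie still carries `ROLE_USER` and reaches `/home`, but is denied on the rule that requires `IS_AUTHENTICATED_FULLY`.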