pog*_*ogo 7 authentication symfony
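I can't get authentication to work, but it only seems to happen under very specific circumstances. Authentication is done through a third-party API, so I wrote my own user provider class, and in that class there is some code that syncs data between the API and Symfony; as part of the sync process, it decides which roles the user should have. After doing this, it sets the relationship between the roles and the user through a ManyToMany relationship.
The getRoles() method in my User object fetches the role objects from the database and converts them into an array of strings; the role names come from my database, and all of them start with ROLE_.
If I log in with an account that shouldn't have any extra roles, it works fine, but if I log in to an account that should have roles, I just get sent back to the login screen with no error message.
I checked the logs and saw these entries: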
```
security.INFO: User "test105@example.com" has been authenticated successfully [] []
event.DEBUG: Notified event "security.interactive_login" to listener "Pogo\MyBundle\Listener\LoginListener::onSecurityInteractivelogin". [] []
event.DEBUG: Listener "Symfony\Component\Security\Http\Firewall::onKernelRequest" stopped propagation of the event "kernel.request". [] []
event.DEBUG: Listener "Symfony\Bundle\FrameworkBundle\EventListener\RouterListener" was not called for event "kernel.request". [] []
event.DEBUG: Listener "Symfony\Bundle\AsseticBundle\EventListener\RequestListener" was not called for event "kernel.request". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\Security\Http\Firewall\ContextListener::onKernelResponse". [] []
security.DEBUG: Write SecurityContext in the session [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ResponseListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bundle\SecurityBundle\EventListener\ResponseListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bridge\Monolog\Handler\FirePHPHandler::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Sensio\Bundle\FrameworkExtraBundle\EventListener\CacheListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bundle\WebProfilerBundle\EventListener\WebDebugToolbarListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.request" to listener "Symfony\Bundle\FrameworkBundle\EventListener\RouterListener::onEarlyKernelRequest". [] []
event.DEBUG: Notified event "kernel.request" to listener "Symfony\Bundle\FrameworkBundle\EventListener\SessionListener::onKernelRequest". [] []
event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\Security\Http\Firewall::onKernelRequest". [] []
security.INFO: Populated SecurityContext with an anonymous Token [] []
event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
security.DEBUG: Access denied (user is not fully authenticated); redirecting to authentication entry point [] []
security.DEBUG: Calling Authentication entry point [] []
```
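I don't understand how it can authenticate at the top, and then, as soon as it checks the firewall, find itself with an anonymous token, which is probably why it sends me back to the login screen.
My firewall / access_control settings are: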
```yaml
firewalls:
    public:
        pattern: /.*
        anonymous: true
        tessitura_login:
            login_path: /account/login
            check_path: /secure/login_check
        logout:
            path: /secure/logout
            target: /
access_control:
    - { path: ^/secure/.*, role: ROLE_USER }
    - { path: ^/admin.*, role: ROLE_ADMIN }
    - { path: ^/account/login/?, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: /.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
```
Any help with this would be greatly appreciated; I've spent a few hours on this now and I'm completely stumped.
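An added example, not part of the original post: a small Python scan for the sequence visible in the log above, a successful login followed by an anonymous token and a redirect to the authentication entry point. The function name is hypothetical, the sample lines are the `security.*` entries copied from the question, and the log is assumed to come from a single browser session (as in a dev log), so interleaved requests from other visitors are not handled.

```python
import re

# Constructed sample: the security.* entries copied from the log in the question.
SAMPLE_LOG = """\
security.INFO: User "test105@example.com" has been authenticated successfully [] []
security.DEBUG: Write SecurityContext in the session [] []
security.INFO: Populated SecurityContext with an anonymous Token [] []
security.DEBUG: Access denied (user is not fully authenticated); redirecting to authentication entry point [] []
security.DEBUG: Calling Authentication entry point [] []
"""

LOGIN_OK = re.compile(r'security\.INFO: User "([^"]+)" has been authenticated successfully')
ANON = "Populated SecurityContext with an anonymous Token"
DENIED = "Access denied (user is not fully authenticated)"


def find_lost_logins(log_text):
    """Return one finding per successful login that is followed by an anonymous token.

    Assumes a single-session log: the first anonymous token seen after a
    login is treated as belonging to that user's next request.
    """
    findings = []
    pending = None  # the most recent login still being tracked
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        match = LOGIN_OK.search(line)
        if match:
            pending = {"user": match.group(1), "login_line": lineno,
                       "anonymous_line": None, "redirected_to_login": False}
        elif pending and pending["anonymous_line"] is None and ANON in line:
            # The token written at login was not restored on the next request.
            pending["anonymous_line"] = lineno
            findings.append(pending)
        elif pending and pending["anonymous_line"] and DENIED in line:
            # The firewall then bounced the request back to the login page.
            pending["redirected_to_login"] = True
            pending = None
    return findings


if __name__ == "__main__":
    for f in find_lost_logins(SAMPLE_LOG):
        print("%(user)s: login at line %(login_line)d, anonymous token at line "
              "%(anonymous_line)d, redirected=%(redirected_to_login)s" % f)
```
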
I have had the same experience. When my user logs in, I check his roles with statements like the following:
```php
if (true === $this->get('security.context')->isGranted('ROLE_MANAGER')) {
    // return redirect
}
if (true === $this->get('security.context')->isGranted('ROLE_USER')) {
    // return redirect
}
// throw error
```
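Sometimes, some users run into the error. I think it is for the same reason. The user has been authenticated in some way but has not been given his roles yet.
I could not reproduce the problem myself. I have only heard the error reports from users.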