我正在尝试对Symfony2中的特定路由应用IP限制,如Symfony2上所述.我没有用户身份验证,我只希望我的服务能够回答来自特定IP的请求.
但我没有成功应用限制(我总是在测试期间通过).
这是我的security.yml
jms_security_extra:
secure_all_services: false
expressions: true
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
firewalls:
secured_area:
pattern: ^/wsoa/tests
anonymous: ~
# http_basic:
# realm: "Secured Demo Area"
access_control:
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
#- { path: ^/_internal/secure, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
# THE RESTRICTION I'D LIKE (FOR EXEMPLE 127.0.0.1)
- { path: ^/wsoa_products_tests, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
这是我从routing.yml的路线:
wsoa_products_tests:
pattern: /wsoa/tests
defaults: { _controller: WsoaProductsBundle:Test:display }
谁知道如何让它有效?我是否应该忘记在Symfony2中执行此操作并使用htaccess执行此操作?
小智 5
要将路径限制为仅限特定IP,可以将以下内容添加到security.ymlaccess_control:
- { path: ^/yourpath, roles: IS_AUTHENTICATED_ANONYMOUSLY, ips: [1.1.1.1, 2.2.2.2, ...] }
- { path: ^/yourpath, roles: ROLE_NO_ACCESS }
如果您想限制为全范围的IP,请使用IP网络掩码,如下所示:
- { path: ^/yourpath, roles: IS_AUTHENTICATED_ANONYMOUSLY, ips: [1.1.1.0/24] }
- { path: ^/yourpath, roles: ROLE_NO_ACCESS }
注意:我放在这里的IP地址需要替换为您想要限制的IP地址.也替换^/yourpath为您的实际路径或子路径.
| 归档时间: |
|
| 查看次数: |
4019 次 |
| 最近记录: |