dptrmt4366 2014-12-22 10:34

symfony2 firewall configuration - strange behavior at login

I am using symfony2 with FOSUserBundle and I am trying to set up my firewall correctly.

I want the major part of my website to not be available to anonymous users. Home page (the $ in the public pattern) and some others should be available according to a pattern.

With my current configuration, after login I am redirected to the home page but still as anonymous. If I directly type a URL of a page not allowed to anonymous directly afterwards, I can access it and I am logged (in the profiler).

My configuration:

dev:
    pattern:  ^/(_(profiler|wdt)|css|images|js)/
    security: false
public:
    pattern:        /(login$|register|resetting|public|$)
    anonymous:      true
main:
    pattern:        ^/
    anonymous:      false
    provider:       main
    form_login:
        login_path: fos_user_security_login
        check_path: fos_user_security_check
    logout:
        path:       fos_user_security_logout
        target:     /

What can I do to make it work properly (logged correctly after login)?

EDIT: I understand better what is happening: after login, I am being redirected to the home page=root address. This falls first into the public firewall and that's why I'm not seen as connected.


  • doushu7588 2014-12-22 11:23

    Done! Solution involves the context property of the firewall which is better described here: Authenticate multiple symfony2 firewalls with one login form

    My configuration now becomes:

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
        guest:
            pattern:        /(user/login$|user/register|user/resetting|$)
            anonymous:      true
            context:        main_auth
        main:
            pattern:        ^/(?!user/login$)
            anonymous:      false
            provider:       main
            context:        main_auth
            form_login:
                login_path: fos_user_security_login
                check_path: fos_user_security_check
            logout:
                path:       fos_user_security_logout
                target:     /
            remember_me:
                key:      "%secret%"
                lifetime: 86400 # in seconds; 86400 is 1 day (365 days would be 31536000)
                path:     /
                domain:   ~ # Uses the default value of the current domain from $_SERVER
            oauth:
                remember_me: true
                resource_owners:
                    facebook:           "/loginhwi/check-facebook"
                    github:             "/loginhwi/check-github"
                    google:             "/loginhwi/check-google"
                    twitter:            "/loginhwi/check-twitter"
                    linkedin:           "/loginhwi/check-linkedin"
                    flickr:             "/loginhwi/check-flickr"
                login_path:        fos_user_security_login
                check_path:        fos_user_security_check
                failure_path:      fos_user_security_login
                success_handler:  foodmeup_user.handler_auth
                oauth_user_provider:
                    service: fosubuser.provider
    
    This answer was selected as the best answer by the question's author.
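The first-match behaviour discussed in this thread can be checked offline. The script below is an added example, not part of the original posts: it reports which firewall would handle a given path under the question's and the answer's patterns. It assumes Symfony tests each firewall `pattern` as an unanchored regular-expression search on the request path and uses the first firewall that matches; the `ANCHORED` variant and the sample paths are hypothetical.

```python
import re

DEV = ("dev", r"^/(_(profiler|wdt)|css|images|js)/")
# Firewalls in declaration order, patterns copied from the two configurations above.
QUESTION = [DEV, ("public", r"/(login$|register|resetting|public|$)"), ("main", r"^/")]
ANSWER = [
    DEV,
    ("guest", r"/(user/login$|user/register|user/resetting|$)"),
    ("main", r"^/(?!user/login$)"),
]
# Hypothetical variant (not from the page): the same guest pattern with a leading ^.
ANCHORED = [
    DEV,
    ("guest", r"^/(user/login$|user/register|user/resetting|$)"),
    ("main", r"^/(?!user/login$)"),
]

# Constructed request paths; /account and /admin/... are made-up routes.
SAMPLE_PATHS = [
    "/", "/user/login", "/user/login_check", "/css/site.css",
    "/account", "/account/", "/admin/user/register",
]


def firewall_for(path, firewalls):
    """Name of the first firewall whose pattern is found in path, or None."""
    for name, pattern in firewalls:
        if re.search(pattern, path):  # unanchored search, first match wins
            return name
    return None


def audit(firewalls, paths=SAMPLE_PATHS):
    """Map every path to the firewall that would handle it."""
    return {path: firewall_for(path, firewalls) for path in paths}


def anonymous_reachable(firewalls, open_names=("public", "guest")):
    """Paths that land in a firewall configured with anonymous: true."""
    return sorted(p for p, fw in audit(firewalls).items() if fw in open_names)


if __name__ == "__main__":
    for label, firewalls in (("question", QUESTION), ("answer", ANSWER), ("anchored", ANCHORED)):
        print(label)
        for path, name in audit(firewalls).items():
            print(f"  {path:24} -> {name}")
```

With the patterns as posted, `/account/` and `/admin/user/register` are handled by the firewall that allows anonymous users, because the pattern has no leading `^` and its trailing `$` alternative matches any path ending in `/`.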