C 知道

消息
创作中心
drema2014 2014-01-10 02:49
浏览 79
已采纳

Symfony2自定义Authenticator在未经过身份验证时执行某些操作

How to manage Full authentication is required to access this resource.? I want to redirect user when he is not authenticated. I have custom uthenticater which authenticate user depending on session data, and i want to redirect user when hes not authenticatet.

My authenticator class:

/**
 * @Service("sso_authenticator")
 */
class SsoAuthenticator implements SimplePreAuthenticatorInterface
{

    /**
     * @var SsoUserProvider
     */
    protected $userProvider;

    /**
     * @InjectParams({
     *      "userProvider" = @Inject("sso_user_provider")
     * })
     */
    public function __construct(SsoUserProvider $userProvider)
    {
        $this->userProvider = $userProvider;
    }

    public function createToken(Request $request, $providerKey)
    {
        $user = $request->getSession()->get('sso_user');

        if (!$user) {
            throw new BadCredentialsException('No user found');
        }

        return new PreAuthenticatedToken(
                'anon.', $user, $providerKey
        );
    }

    public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
    {
        $user = $token->getCredentials();
        if (!is_array($user)) {
            $user = $token->getUser();
        }

        if (!$user) {
            throw new AuthenticationException('User does not exist.');
        }

        $ssoUser = $this->userProvider->loadUser($user);

        return new PreAuthenticatedToken(
                $ssoUser, $user, $providerKey, $ssoUser->getRoles()
        );
    }

    public function supportsToken(TokenInterface $token, $providerKey)
    {
        return $token instanceof PreAuthenticatedToken && $token->getProviderKey() === $providerKey;
    }

}

展开全部

  • 写回答

1条回答 默认 最新

  • dongyin0628 2014-01-12 05:26
    关注

    i set the login path to logout path like this:

    secured_area:           
    form_login: 
        login_path : main_user_logout

    then i wrote custom logout handler:

    /**
 * @Service("sso_authentication_handler")
 */
class SsoAuthenticationHandler implements LogoutSuccessHandlerInterface
{
    /**
     * @var Router
     */
    private $router;

    /**
     * @var array
     */
    protected $ssoUrls;

    /**
     * @InjectParams({
     *      "ssoUrls" = @Inject("%wordpress_sso%"),
     *      "router" = @Inject("router")
     * })
     */
    public function __construct(array $ssoUrls, Router $router)
    {
        $this->ssoUrls = $ssoUrls;
        $this->router = $router;
    }

    public function onLogoutSuccess(Request $request)
    {
        $locale = $request->getLocale();
        if ($locale === 'pl') {
            $url = $this->ssoUrls[$locale];
        } else {
            $url = $this->ssoUrls['en'];
        }

        $url .= '?returnUrl=' . $this->router->generate('main');

        return new RedirectResponse($url);
    }

}

    so with this combination i achive behavior like when youser is not authenticated or when he logout i will redirect him to other site to login, in my example to wordpress.

    展开全部

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
编辑
预览

报告相同问题?

手机看
程序员都在用的中文IT技术交流社区

程序员都在用的中文IT技术交流社区

专业的中文 IT 技术社区,与千万技术人共成长

专业的中文 IT 技术社区,与千万技术人共成长

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

 客服 返回
顶部