[英]Symfony2 entity user provider overrides custom auth provider
My Symfony2 custom authentication provider now appears to be working . 我的Symfony2自定义身份验证提供程序现在似乎正在运行 。
User Provider 用户提供商
I almost used the FOSUserBundle but I don't even have email addresses for my users and I don't need the added functionality or complication. 我几乎使用了FOSUserBundle,但我甚至没有为我的用户提供电子邮件地址,而且我不需要增加的功能或复杂功能。
So instead I'm just using the entity provider . 所以我只是使用实体提供程序 。
I set my encoder to plaintext because the API client library handles that for me, but alas, another snag: it seems like Users are now being authenticated against these User records . 我将我的编码器设置为明文,因为API客户端库为我处理,但是,另一个障碍:似乎用户现在正在针对这些用户记录进行身份验证 。
Before I implemented the entity user provider, my login form gave me valid responses: correct credentials yielded no error, bad credentials resulted in my custom "incorrect user/pass error". 在我实现实体用户提供程序之前,我的登录表单给了我有效的响应:正确的凭据没有产生错误,错误的凭据导致我的自定义“不正确的用户/通过错误”。
Now, even if I supply credentials I know to be correct, all I get is the error message "Bad credentials," as if I'm implementing the UserAuthenticationProvider , but to the best of my knowledge, I'm not. 现在,即使我提供了我知道正确的凭据,我得到的只是错误消息“Bad credentials” ,好像我正在实现UserAuthenticationProvider ,但据我所知,我不是。 My custom provider directly implements the AuthenticationProviderInterface . 我的自定义提供程序直接实现AuthenticationProviderInterface 。
So at the moment I assume I have incorrectly implemented the entity user provider, such that it is somehow overriding my custom authentication provider. 所以目前我认为我错误地实现了实体用户提供程序,这样它就会以某种方式覆盖我的自定义身份验证提供程序。 What's the correct way to configure the entity user provider and a custom authentication provider, at the same time? 同时配置实体用户提供程序和自定义身份验证提供程序的正确方法是什么?
Files 档
Relevant section of security.yml security.yml的 相关部分
encoders:
WordRot\PlayBundle\Entity\User: plaintext
providers:
wordnik_users:
entity: { class: WordRotPlayBundle:User, property: username }
firewalls:
wordnik_secured:
pattern: ^/play
logout: ~
anonymous: ~
# The next line specifies the custom authentication provider:
wordnik: true
form_login:
provider: wordnik_users
login_path: /login
check_path: /play_check
# on success
always_use_default_target_path: true
default_target_path: /play
EDIT 编辑
This might prove useful . 这可能证明是有用的 。 It's a diff on the master branch... 这是主分支的差异......
EDIT 2 编辑2
With more break points I discovered: 我发现有更多的断点:
false
. 在登录表单POST上,使用UsernamePasswordToken调用WordnikProvider#supports ,因此返回false
。 WordnikListener
is constructed but it's other methods ( attemptAuthentication
, requiresAuthentication
) are never called. 在登录表单POST, WordnikListener
构造,但它使用的其他方法( attemptAuthentication
, requiresAuthentication
)永远不会被调用。 And yet WordnikFactory#createListener
, too, is never called! 然而, WordnikFactory#createListener
也从未被调用过! It's a wonder that the listener is constructed. 听众的构建令人惊讶。 login_check
GET, WordnikListener#requiresAuthentication
IS called. 但是在login_check
GET上, WordnikListener#requiresAuthentication
IS。 So we had kind of a long discussion on this. 所以我们对此进行了长时间的讨论。 The basic problem was that the form_login services was interfering with the wodnik service. 基本问题是form_login服务干扰了wodnik服务。 Removed form_login and things started working better. 删除了form_login,事情开始变得更好了。
http://chat.stackoverflow.com/rooms/25251/discussion-between-montgomery-jean-and-cerad http://chat.stackoverflow.com/rooms/25251/discussion-between-montgomery-jean-and-cerad
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.