如何在symfony2中保护除登录页面之外的整个页面？

Question

I want to have whole site secured through login with FOSUserBundle. 我希望通过FOSUserBundle登录来保护整个站点。 I tried to set security.yml like this 我试着像这样设置security.yml

security:
encoders:
    Symfony\Component\Security\Core\User\User: plaintext
    FOS\UserBundle\Model\UserInterface: sha512

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
    fos_userbundle:
        id: fos_user.user_manager

firewalls:
    main:
        pattern:    ^/
        form_login:
            check_path: /login_check
            login_path: /login
            provider: fos_userbundle
            always_use_default_target_path: true
            default_target_path: /dashboard
        logout:
            path:   /logout
            target: /
        anonymous: ~
        #http_basic:
        #    realm: "Secured Demo Area"

access_control:
    - { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
    #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

But then I don't know what to set in config.yml this is my config.yml 但后来我不知道在config.yml中设置什么，这是我的config.yml

 imports:
- { resource: parameters.yml }
- { resource: security.yml }

framework:
#esi:             ~
translator:       ~
secret:          %secret%
router:
    resource: "%kernel.root_dir%/config/routing.yml"
    strict_requirements: ~
form:            ~
csrf_protection: ~
validation:      { enable_annotations: true }
templating:
    engines: ['twig']
    #assets_version: SomeVersionScheme
default_locale:  "%locale%"
trusted_proxies: ~
session:         ~
fragments:       ~
http_method_override: true

# Twig Configuration
twig:
debug:            %kernel.debug%
strict_variables: %kernel.debug%

# Assetic Configuration
assetic:
debug:          %kernel.debug%
use_controller: false
bundles:        [ ]
#java: /usr/bin/java
filters:
    cssrewrite: ~
    #closure:
    #    jar: %kernel.root_dir%/Resources/java/compiler.jar
    #yui_css:
    #    jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar

# Doctrine Configuration
doctrine:
dbal:
    driver:   %database_driver%
    host:     %database_host%
    port:     %database_port%
    dbname:   %database_name%
    user:     %database_user%
    password: %database_password%
    charset:  UTF8
    # if using pdo_sqlite as your database driver, add the path in parameters.yml
    # e.g. database_path: %kernel.root_dir%/data/data.db3
    # path:     %database_path%

orm:
    auto_generate_proxy_classes: %kernel.debug%
    auto_mapping: true

# Swiftmailer Configuration
swiftmailer:
transport: %mailer_transport%
host:      %mailer_host%
username:  %mailer_user%
password:  %mailer_password%
spool:     { type: memory }
fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: main
user_class: Dashboard\UserBundle\Entity\User

and this is my controller 这是我的控制者

<?php

namespace Proposals\ProposalsBundle\Controller;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;

use Proposals\ProposalsBundle\Entity\Proposals;
use Proposals\ProposalsBundle\Form\ProposalsType;

/**
* Proposals controller.
*
*/
class ProposalsController extends Controller
{

/**
 * Lists all Proposals entities.
 *
 */
public function indexAction()
{
    $em = $this->getDoctrine()->getManager();

    $entities = $em->getRepository('ProposalsProposalsBundle:Proposals')->findAll();

    return $this->render('ProposalsProposalsBundle:Proposals:index.html.twig', array(
        'entities' => $entities,
    ));
}

When i open any page its not check either user is logged in or not.I want every page is secured through login if user logged in then every page open if user not logged in then page not show or redirect to login.any help appriciated 当我打开任何页面时，不检查用户是否登录。如果用户登录则希望每个页面都通过登录进行保护，然后如果用户未登录则打开每个页面，然后页面不显示或重定向到登录。任何帮助appriciated

Answer 1

Every time the same, nobody bats an eye on the documentation. 每次都一样，没有人关注文档。 Wayne. 韦恩。 But for your spamming you shouldn't get a answer, but this would be unfair ^^ 但是对于你的垃圾邮件，你不应该得到答案，但这将是不公平的^^

security:
    firewalls:
        main:
            pattern: ^/
            # other settings
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }

Answer 2

for move to this URL localhost/QuickBacklog/web/app_dev.php/dashboard 移至此URL localhost / QuickBacklog / web / app_dev.php / dashboard
you must add like this in the security.yml 你必须在security.yml中添加这样的东西

firewalls:
        main:
            pattern:    ^/
            form_login:
                provider:             fos_userbundle
                default_target_path:  /dashboard/                
            logout:     
                ........
                invalidate_session: false
            anonymous: ~

In the routing file 在路由文件中

applicationlogin_success:
  pattern: /dashboard/
  defaults: { _controller: SampleBundle:Default:FrontPage }

BY USING default_target_path : ROUTING_PATTERN 使用default_target_path：ROUTING_PATTERN
u will redirect it... 你会重定向它......

如何在symfony2中保护除登录页面之外的整个页面？

问题描述

2 个解决方案

解决方案1
16 已采纳 2013-08-23 06:33:30

解决方案2
2 2013-08-31 06:15:31

如何在symfony2中保护除登录页面之外的整个页面？

问题描述

2 个解决方案

解决方案1 16 已采纳 2013-08-23 06:33:30

解决方案2 2 2013-08-31 06:15:31

解决方案1
16 已采纳 2013-08-23 06:33:30

解决方案2
2 2013-08-31 06:15:31