Symfony 2退出
[英]Symfony 2 Logout
问题描述
this is my first Symfony 2 application and i am trying to logout the currently logged in user. 
这是我的第一个Symfony 2应用程序,我正在尝试注销当前登录的用户。
This is my app/config/security.yml 这是我的app / config / security.yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
memory:
users:
user0: { password: user0, roles: [ 'ROLE_ADMIN' ] }
user1: { password: user1, roles: [ 'ROLE_SUPER_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/demo/secured/login$
security: false
secured_area:
pattern: ^/
logout: ~
anonymous: ~
http_basic:
realm: "Secured Area"
access_control:
- { path: ^/question/*, roles: ROLE_ADMIN }
- { path: ^/questiongroup/*, roles: ROLE_ADMIN }
- { path: ^/answer/*, roles: ROLE_ADMIN }
- { path: ^/newslettertemplate/*, roles: ROLE_ADMIN }
- { path: ^/customer/*, roles: ROLE_SUPER_ADMIN }
- { path: ^/statistics/*, roles: ROLE_SUPER_ADMIN }
I have created the logout entry in the routing.yml as described in the symfony security documentation: 我已经在route.yml中创建了logout条目,如symfony安全文档中所述:
logout:
path: /logout
When i create a link to the "logout" i do get redirected to the "/" which is ok. 当我创建一个指向“注销”的链接时,我会被重定向到“/”,这是可以的。 But the user still is authenticated, means the actual logout did not work. 但是用户仍然经过身份验证,意味着实际的注销无效。
3 个解决方案
解决方案1
11 已采纳 2013-09-13 17:45:53
It doesn't work with HTTP Basic Authentication because the browser remembers your credentials and sends them with each request. 它不适用于HTTP基本身份验证,因为浏览器会记住您的凭据并随每个请求一起发送。 You can do nothing about this on the server side. 您无法在服务器端执行任何操作。
I believe eventually you're going to switch to the form based login . 我相信最终你会切换到基于表单的登录 。 The logout feature will work like it's supposed to when you do. 注销功能将像您应该的那样工作。
解决方案2
5 2013-09-14 05:10:16
Just use this in security.yml 只需在security.yml中使用它
logout:
path: /logout
invalidate_session: false
解决方案3
0 2016-01-07 08:59:36
If like me you are a rookie at symfony and couldnt make the others logout solutions work (i suppose i missed some config subtilities), there is a non academic, but functional solution: 如果像我一样,你是symfony的新手,并且无法使其他人注销解决方案工作(我想我错过了一些配置子实用程序),那么有一个非学术性但功能性的解决方案:
when you use form based login you just have to send undefined login and password to the 'login_check' route. 当您使用基于表单的登录时,您只需将未定义的登录名和密码发送到“login_check”路由。
ex : login ='*' password ='' 例如: login ='*' password =''
with a button in a template : 使用模板中的按钮:
<form action="{{ url('login_check') }}" method="post">
<input type="text" name="_username" value="*" style="display:none;" />
<input type="password" name="_password" style="display:none;" />
<button type="submit">log out</button>
</form>
by rendering a 'logout' template from a Controller : 通过从Controller渲染“注销”模板:
<script>
window.addEventListener("load",function(){
document.getElementById("logout_form").submit();
});
</script>
<form action="{{ url('login_check') }}" method="post" id="logout_form">
<input type="text" name="_username" value="*" style="display:none;" />
<input type="password" name="_password" style="display:none;" />
</form>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.