Silex SecurityServiceProvider, anonymous setting doesn't work
Right now I'm developing a simple API for a continuous integration server with Silex. The API should be accessible to everyone with a secret key, but for logged-in users I want the API to be available without any key.

Now the configuration for SecurityServiceProvider looks like this:

    'security.firewalls' => array(
        'login' => array(
            'pattern' => '^/auth/login'
        ),
        'secured' => array(
            'pattern' => '^/',
            'form' => array(
                'login_path' => "/auth/login",
                'check_path' => "/auth/dologin",
                'username_parameter' => 'login[username]',
                'password_parameter' => 'login[password]',
                "csrf_parameter" => "login[_token]",
                "failure_path" => "/auth/login",
            ),
            'logout' => array(
                'logout_path' => "/auth/logout",
                "target" => '/',
                "invalidate_session" => false
            ),
            'users' => array(
                // admin:foo
                'admin' => array('ROLE_ADMIN', '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg==')
            )
        ),
        'api' => array(
            'pattern' => '^/api',
            'anonymous' => true
        ),
    )

The sad thing is that when I'm on /api/ pages it still redirects me to the login page, although, as you can see, anonymous => true is set.

I can move the firewall for /api to the top and remove the anonymous line, but then I don't have access to the SecurityContext object to check if the user is authenticated.

Allow anonymous users in general and use access rules to define protected areas:

    // init the firewall
    $app->register(new Silex\Provider\SecurityServiceProvider(), array(
        'security.firewalls' => array(
            'general' => array(
                'pattern' => '^/',
                'anonymous' => true,
                'form' => array(
                    'login_path' => '/login',
                    'check_path' => '/admin/login_check'
                ),
                'users' => $app->share(function () use ($app) {
                    return new UserProvider($app);
                }),
                'logout' => array(
                    'logout_path' => '/admin/logout',
                    'target_url' => '/goodbye'
                )
            )
        ),
        'security.access_rules' => array(
            array('^/admin', 'ROLE_ADMIN')
        ),
        'security.role_hierarchy' => array(
            'ROLE_ADMIN' => array('ROLE_USER', 'ROLE_ALLOWED_TO_SWITCH')
        )
    ));

If you want to protect everything except /api, just define two firewalls:

    // init the firewall
    $app->register(new Silex\Provider\SecurityServiceProvider(), array(
        'security.firewalls' => array(
            'anonymous' => array(
                'pattern' => '^/api',
                'anonymous' => true
            ),
            'general' => array(
                'pattern' => '^/',
                'anonymous' => false,
                ...
            )
        ),
    ));
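
Added example (not part of the original question or answer): one way to combine the single anonymous firewall from the answer with the question's requirement that /api accepts either a logged-in session or a secret key. It assumes Silex 1.x and PHP 5.6 or later; the header name X-Api-Key, the environment variable CI_API_KEY, the /api/status route and the password placeholder are hypothetical.

```php
<?php
// Added example. Assumes Silex 1.x and PHP >= 5.6 (for hash_equals()).
require_once __DIR__ . '/vendor/autoload.php';

use Symfony\Component\HttpFoundation\Request;

$app = new Silex\Application();
$app->register(new Silex\Provider\SessionServiceProvider());
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    'security.firewalls' => array(
        // One firewall for every URL, so a token (possibly anonymous) always exists.
        'main' => array(
            'pattern'   => '^/',
            'anonymous' => true,
            'form'      => array('login_path' => '/auth/login', 'check_path' => '/auth/dologin'),
            'logout'    => array('logout_path' => '/auth/logout'),
            // Placeholder: supply your own encoded password here.
            'users'     => array('admin' => array('ROLE_ADMIN', '<encoded-password-placeholder>')),
        ),
    ),
    // Rules are evaluated in order; the first matching pattern decides.
    'security.access_rules' => array(
        array('^/auth/login', 'IS_AUTHENTICATED_ANONYMOUSLY'),
        array('^/api', 'IS_AUTHENTICATED_ANONYMOUSLY'), // checked by the middleware below
        array('^/', 'ROLE_ADMIN'),
    ),
));

// Runs after routing and the firewall: /api needs a session login or a valid key.
$app->before(function (Request $request) use ($app) {
    if (strpos($request->getPathInfo(), '/api') !== 0) {
        return null; // not an API URL; the access rules above already applied
    }
    if ($app['security']->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
        return null; // logged-in user, no key required
    }
    $expected = getenv('CI_API_KEY');                          // hypothetical variable name
    $supplied = (string) $request->headers->get('X-Api-Key');  // hypothetical header name
    if (is_string($expected) && $expected !== '' && hash_equals($expected, $supplied)) {
        return null; // constant-time comparison succeeded
    }
    return $app->json(array('error' => 'login or API key required'), 401);
});

$app->get('/api/status', function () use ($app) {
    return $app->json(array('status' => 'ok'));
});

$app->run();
```

An unset or empty CI_API_KEY rejects every key-based request, so a missing deployment setting fails closed.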