Symfony2 firewall : keep user logged through subdomains

I created 3 tools for my customers. Each customer has access to one, two, or three tools, depending on what he paid.

I'm now trying to connect these 3 tools to the same UserBundle. Each tool has its own subdomain: tool1.mysite.com, tool2.mysite.com and tool3.mysite.com.

I defined 3 roles, 1 for each tool. I kept only one firewall, the main one from the FOSUserBundle, defined on the host .mysite.com in order to cover all subdomains.

My problem is: I can use the login page on any subdomain, but it seems that the logged-in user is kept only on the subdomain he logged in on. If I log in as "User1" on "Tool1", I won't be logged in on Tool2. And if I log in as User2 on Tool2, I'll still be "User1" on "Tool1".

I don't know how to change this behaviour.

Thank you so much!

My security.yml is the following:

    firewalls:
        main:
            pattern: ^/
            host: .mysite.com
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout:
                path: /logout
                target: /login
            anonymous:    true

    access_control:
        - { host: .mysite.com, path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { host: .mysite.com, path: ^/admin/, role: ROLE_ADMIN }
        - { host: .mysite.com, path: ^/register, role: ROLE_ADMIN }
        - { host: .mysite.com, path: ^/resetting, role: ROLE_ADMIN }
        - { host: tool1.mysite.com, path: ^/tool1, role: ROLE_TOOL1 }
        - { host: tool2.mysite.com, path: ^/tool2, role: ROLE_TOOL2 }
        - { host: tool3.cospirit.com, path: ^/tool3, role: ROLE_TOOL3 }

    role_hierarchy:
        ROLE_TOOL1:  [ROLE_USER]
        ROLE_TOOL2:  [ROLE_USER]
        ROLE_TOOL3:  [ROLE_USER]

It seems to work better by adding this in the config.yml file:

    framework:
        session:
            name: SFSESSIDCSMT
            cookie_domain: .mysite.com

I don't know which solution is the better one.

Because these are different subdomains, and Symfony stores the login data in cookies, you will have separate data for every subdomain. I would recommend that you create 3 firewalls, add the context key to all of them, and just add a common value.

    firewalls:
        main:
            pattern: ^/
            host: main.mysite.com
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout:
                path: /logout
                target: /login
            anonymous:    true
            context: main_context
        second:
            pattern: ^/
            host: first.mysite.com
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout:
                path: /logout
                target: /login
            anonymous:    true
            context: main_context

For this to work, maybe you also have to change the cookie settings for Symfony, but I would first try out this solution.
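Why the session stays tied to one subdomain until `cookie_domain` is set, shown as an added example that is not part of the original posts: a simplified JavaScript model of how a browser stores and returns cookies under RFC 6265. The session values and the host blog.mysite.com are constructed for illustration.

```javascript
// Added example: simplified model of RFC 6265 cookie storage and domain matching.
// Not modelled: Path, Secure, expiry, public-suffix rejection.
// RFC 6265 section 5.1.3: a host matches a cookie domain when it is identical
// to it or is a subdomain of it (IP addresses only match exactly).
function domainMatches(host, cookieDomain) {
  if (host === cookieDomain) return true;
  const isIp = /^[\d.]+$/.test(host) || host.includes(":");
  return !isIp && host.endsWith("." + cookieDomain);
}

// Store a cookie the way a browser does when originHost answers with Set-Cookie.
// Without a Domain attribute the cookie is host-only.
function storeCookie(jar, originHost, name, value, domainAttr) {
  let domain = originHost.toLowerCase(), hostOnly = true;
  if (domainAttr) {
    const d = domainAttr.toLowerCase().replace(/^\./, ""); // leading dot is ignored
    if (!domainMatches(domain, d)) return false; // a host cannot set cookies for a foreign domain
    domain = d;
    hostOnly = false;
  }
  const i = jar.findIndex((c) => c.name === name && c.domain === domain);
  const cookie = { name, value, domain, hostOnly };
  if (i >= 0) jar[i] = cookie; else jar.push(cookie);
  return true;
}

// Cookie header values the browser would attach to a request for requestHost.
function cookiesFor(jar, requestHost) {
  const h = requestHost.toLowerCase();
  return jar
    .filter((c) => (c.hostOnly ? h === c.domain : domainMatches(h, c.domain)))
    .map((c) => `${c.name}=${c.value}`);
}

// Constructed scenario: session values are made up, blog.mysite.com is hypothetical.
function scenario() {
  const hostOnly = []; // default: no Domain attribute on the session cookie
  storeCookie(hostOnly, "tool1.mysite.com", "SFSESSIDCSMT", "user1-session");
  storeCookie(hostOnly, "tool2.mysite.com", "SFSESSIDCSMT", "user2-session");
  const shared = []; // cookie_domain: .mysite.com
  storeCookie(shared, "tool1.mysite.com", "SFSESSIDCSMT", "user1-session", ".mysite.com");
  return { hostOnly, shared };
}

const jars = scenario();
for (const host of ["tool1.mysite.com", "tool2.mysite.com", "blog.mysite.com"]) {
  console.log(host, "host-only:", cookiesFor(jars.hostOnly, host), "shared:", cookiesFor(jars.shared, host));
}
```

With the shared cookie, every host under mysite.com receives the session identifier, so the per-tool roles in `access_control` are what keep a user out of tools he did not pay for.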
