Symfony2 - 访问控制
[英]Symfony2 - Access control
问题描述
I want to set access_control for everything, but not for the pattern /login (and maybe some more routes). 
我想为所有内容设置access_control ,但不是为了模式/login (可能还有更多的路由)。
So I set up the path for login first, with the role IS_AUTHENTICATED_ANONYMOUSLY . 所以我首先设置登录路径,角色为IS_AUTHENTICATED_ANONYMOUSLY 。 Then I set up the path for everything, with the role IS_AUTHENTICATED_FULLY . 然后我设置了一切的路径,角色为IS_AUTHENTICATED_FULLY 。
The problem is that login form is now generated twice. 问题是登录表单现在生成两次。 I see two login fields, two submit buttons, and so on. 我看到两个登录字段,两个提交按钮,依此类推。
If I remove the access_control rules I have no, and only set to one path like /blog/.* and with role: IS_AUTHENTICATED_FULLY , it works fine, the login form is like it should be. 如果我删除了access_control规则,我没有,只设置为一个路径,如/blog/.*和角色: IS_AUTHENTICATED_FULLY ,它工作正常,登录表单应该是这样。
So my configuration of " you need to be authenticated everywhere except here " does not work. 所以我的配置“ 你需要在这里除了这里以外的地方进行身份验证 ”不起作用。
This is what I tried to do when login form is generated twice: 这是我在登录表单生成两次时尝试做的事情:
access_control:
- { path: /login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /.*, role: IS_AUTHENTICATED_FULLY }
Does anyone have any good examples for how to set up such a rule? 有没有人有关于如何设置这样一条规则的好例子?
2 个解决方案
解决方案1
12 已采纳 2011-03-16 13:07:06
So I got the answer :) So if anyone should have this problem, you also have to let _wdt, and _profiler being accessed anonymously :) 所以我得到了答案:)所以,如果有人应该有这个问题,你还必须让_wdt和_profiler匿名访问:)
access_control:
- { path: /_wdt/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /_profiler/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /.*, role: IS_AUTHENTICATED_FULLY }
解决方案2
5 2012-04-25 12:35:13
Don't forget to add this firewall: 不要忘记添加此防火墙:
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.