stackoom
  简体   繁体   中英

Access Denied Symfony 2

 原文  2014-02-23 22:04:49       php/ symfony

Question

I have been working on a logging in page for an APP im currently building. Its running checks fine but when the user is redirected to /secure_area I see the current error. 

 Access Denied 403 Forbidden - AccessDeniedHttpException 1 linked Exception: AccessDeniedException »

My Code so far

security.yml 

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        Simple\ProfileBundle\Entity\User:
            algorithm:        sha1
            encode_as_base64: false
            iterations:       1

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        main:
            entity:
                class: Simple\ProfileBundle\Entity\User
                property: username

    firewalls:

        secured_area:
            pattern:    ^/
            anonymous: ~
            form_login:
                login_path:  login
                check_path:  login_check
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false


    access_control:
          - { path: ^/secure_area, roles: ROLE_ADMIN }

*routing_dev.yml* 

index:
    pattern:   /
    defaults:  { _controller: SimpleProfileBundle:Security:login }


login:
    pattern:   /login
    defaults:  { _controller: SimpleProfileBundle:Security:login }


login_check:
    pattern:   /login_check

test_security:
    pattern: /secure_area
    defaults: {_controller: SimpleProfileBundle:Security:dumpString }

Any ideas, im new to this framework so starting to understand the basics.

Thanks

1 answers

solution1
 7 ACCPTED  2014-02-23 22:13:37

Access Denied means that logged user have no permissions to access the resource. I presume that your users does not have ROLE_ADMIN or ROLE_USER role. There's no other way if your user has been successfully loggedn in.

From the other side, why not using FOSUserBundle ? It's way better for beginners to understand how the whole process work (just read the code and he Security component documentation ). Security component is one of the hardest to understand as some "things" happen behind the scenes so you need to fully understand how the component work to make sure you're not making any silly errors.

Really, reading carefully linked documentation would be a perfect start, just ignore the tutorials for now.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Symfony2 - Access Denied symfony2 access denied exception Symfony 5 throwing Access Denied Exception Symfony2 Overriding Access Denied template Symfony2 - Access is denied (user is not fully authenticated) Symfony security - get details on Access Denied Access Denied Error Symfony with custom roles Docker - Symfony 4 - Doctrine - Access denied to User Symfony2: postgres database access denied Symfony, access to db denied for root user by console
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM