Multiple firewalls in symfony2
Question
I have a problem with my security configuration in symfony2. I need two firewalls for two different user entity.
Here are my configuration files:
security.yml:
security:
encoders:
entity_owner:
class: Pisteur\CoreBundle\Entity\OwnerAccount
algorithm: sha512
iterations: 5000
encode_as_base64: false
entity_business:
class: Pisteur\BusinessBundle\Entity\BusinessOwner
algorithm: sha512
iterations: 5000
encode_as_base64: false
providers:
entity_owner:
name: entity_owner
entity:
class: Pisteur\CoreBundle\Entity\OwnerAccount
property: username
entity_business:
name: entity_business
entity:
class: Pisteur\BusinessBundle\Entity\BusinessOwner
property: username
firewalls:
entity_business:
pattern: ^/business
anonymous: ~
form_login:
check_path: /business/login_check
login_path: /business/login
default_target_path: /business/dashboard
provider: entity_business
logout:
path: /logout
target: /business/login
entity_owner:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
default_target_path: /dashboard
provider: entity_owner
logout:
path: /logout
target: /login
role_hierarchy:
ROLE_ADMIN: [ROLE_USER, ROLE_BUSINESS]
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/business/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/account, roles: ROLE_USER }
- { path: ^/dashboard, roles: ROLE_USER }
- { path: ^/business/dashboard, roles: ROLE_BUSINESS }
- { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
Here are all my routings:
security_login:
pattern: /login
defaults: { _controller: "PisteurSecurityBundle:Security:login" }
requirements: { _method: get }
login_check:
pattern: /login_check
business_security_login:
pattern: /business/login
defaults: { _controller: "PisteurSecurityBundle:BusinessSecurity:login" }
requirements: { _method: get }
business_login_check:
pattern: /business/login_check
logout:
pattern: /logout
Login form for OwnerAccount:
<form id="login-form" action="{{ path('login_check') }}" method="post">
<label><input id="username" type="text" name="_username" /></label>
<label><input id="password" type="password" name="_password" /></label>
<button class="btn custom large orange-button" type="submit" id="login-button">{% trans from "login" %}login{% endtrans %}</button>
</form>
Login form for BusinessOwner:
<form id="login-form" action="{{ path('business_login_check') }}" method="post">
<label><input id="username" type="text" name="_username" /></label>
<label><input id="password" type="password" name="_password" /></label>
<button class="btn custom large orange-button" type="submit" id="login-button">{% trans from "login" %}login{% endtrans %}</button>
</form>
When I login with the OwnerAccount form, it works and redirect my to /dashboard. When I login with the BusinessOwner form, it does not work and redirect to /login (should be /business/login) with the error "BadCredentials"
I'm not sure why but it seems that only the entity_owner is used (because it redirect to /login from the /business/login)
Is that something wrong in my configuration?
2 answers
solution1
3 2012-03-12 14:15:13
为entity_owner模式尝试类似^/(?!business)的操作,这可能会阻止entity_owner模式匹配entity_business模式。
solution2
2 2012-03-12 14:17:13
Move all of your owner resources to /owner. Change the entity_owner pattern to ^/owner , and make the main page redirect to /owner.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.