通过CURL连接到Symfony应用程序 [英] Connect to a Symfony application through CURL
问题描述
我有一个在Symfony中构建的应用程序.我在PHP中有另一个应用程序,试图检查当前用户在Symfony应用程序中是否有任何帐户并对其进行身份验证以获取PHPSessionID?在这种情况下,我使用 CURL 命令,如下所示.用户名和密码正确无误,但symfony应用程序仍将我重定向到登录页面.有人知道我该如何解决吗?
I have an application built in Symfony. I have another application in PHP and trying to check if the current user has any account in the Symfony application and authenticate him to obtain the PHPSessionID? In this case I use CURL command as below. How ever the username and password is correct but still the symfony application redirect me to the login page. Does anybody know how can I fix this?
$cred_data = array('_username' => 'test1', '_password' => '123', '_target_path' => 'http://symfonyappdomain/Symfony/web/app_dev.php/Acme/HomePage');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://symfonyappdomain/Symfony/web/app_dev.php/Acme/login_check');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($cred_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
$result = curl_exec($ch);
欣赏
推荐答案
最后,我可以解决此问题.为了通过另一个应用程序对用户进行身份验证,我们需要使用form_login在 security.yml 中创建另一个具有不同模式的防火墙,但是需要禁用 required_previous_session ,请检查以下内容:>
Finally I could fix this issue. In order to authenticate a user through another app we need to create another firewall in security.yml with different pattern using form_login but required_previous_session needs to be disabled, check this:
app_auth:
pattern: ^acme/auth/application
form_login:
provider: same_provider_name #or use different provider
login_path: /acme/auth/application/login
check_path: /acme/auth/application/login_check
require_previous_session: false
anonymous: true
context: my_shared_context_name
main_auth:
pattern: ^/acme
form_login:
provider: same_provider_name #or use a different provider
login_path: /acme/login
check_path: /acme/login_check
logout:
path: /acme/logout
target: /acme
security: true
context: my_shared_context_name
请注意,每个防火墙的上下文必须相同,否则您将无法在两个防火墙中使用相同的SessionID.
我想可以仅在主防火墙中使用* required_previous_session *而不创建另一个防火墙,但是我没有尝试(因为我不确定,我认为从外部使用单独的防火墙进行身份验证更加安全)
Please pay attention to that the context of each firewall needs to be same otherwise you won't be able to use same SessionID in both firewall.
I guess it is possible to use *required_previous_session* just in the main firewall and not to create another firewall, but I did not try (because I am not sure and I think it's much more secured to have separate firewall for authentication from outside)
这篇关于通过CURL连接到Symfony应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!