symfony 2:通过防火墙在不安全的页面上获得当前登录的用户 [英] symfony 2: get current logged in user on non secured pages through firewall

问题描述

如何在不安全的页面上获得当前登录的用户?

how to get the current logged in user on non secured pages?

我只有一个/account/页面，该页面通过防火墙保护，而其他页面则不受保护.

I have only an /account/ page which is secured through the firewall and the other pages are unprotected.

我的全局导航具有以下模板(简化):

My global navigation has the following template (simplified):

{% if app.user %}
  <a href="/account/data">...
  <a href="/logout>...
{% else %}
  <a href="/account/login">....
{% endif %}

问题:带有注销链接的导航也应该在不安全的页面上也可以访问，但是没有UsernamePasswordToken ...并且symfony显示登录链接，而不是/logout和/account/data链接.我为所有其他页面配置了匿名侦听器，但无法正常工作.

Problem: The navigation with the logout link should be accessible on unsecured page too, but there is no UsernamePasswordToken...and symfony displays the login link, instead of the /logout and /account/data links. I configured all other pages with an anonymous listener, but it does not work properly.

有解决方案吗?

推荐答案

您无法使用户进入非防火墙页面.为整个应用程序启用防火墙，允许匿名访问，并使用access_control:

You can't get the user on a non-firewalled page. Enable the firewall for the whole app, allow anonymous access, and protect particular parts of the app with access_control:

security:
    firewalls:
        main:
            pattern: ^/
            anonymous: ~

    access_control:
        - { path: ^/protected, roles: ROLE_SOME }

这篇关于symfony 2:通过防火墙在不安全的页面上获得当前登录的用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！