Symfony 4:无法访问管理员角色.拒绝访问 [英] Symfony 4: Cannot access admin roles. Access Denied
问题描述
我正在学习 Symfony 4 并尝试按照 Symfony 4 文档创建一个应用程序.
I'm learning Symfony 4 and try to make follow Symfony 4 Documentation to create an app.
我确实按照这篇文章来创建管理员角色.
I do follow this article to make admin roles.
但是当我访问路径 /admin 时,它总是 Access Denied".
But when I access path /admin, it's always "Access Denied."
我在 Symfony 文档页面和 StackOverflow 中阅读了很多文章,但找不到解决方法.这是我的设置
I read many article in Symfony Documentation page and StackOverflow but can not found the way to solve it. Here is my setting
//config/packges/security.yaml
security:
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
our_db_provider:
entity:
class: App\Entity\User
in_memory:
memory:
users:
admin:
password: admin123
roles: 'ROLE_ADMIN'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
http_basic: ~
provider: our_db_provider
form_login:
login_path: login
check_path: login
default_target_path: index
always_use_default_target_path: true
logout:
path: /logout
target: /index
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
这里是 Symfony 调试日志:
And here is the Symfony Debug log:
未捕获的 PHP 异常 Symfony\Component\Security\Core\Exception\AccessDeniedException:拒绝访问."在 C:\xampp\htdocs\aimer-mvc\vendor\symfony\security\Http\Firewall\AccessListener.php line 68
Uncaught PHP Exception Symfony\Component\Security\Core\Exception\AccessDeniedException: "Access Denied." at C:\xampp\htdocs\aimer-mvc\vendor\symfony\security\Http\Firewall\AccessListener.php line 68
请帮帮我.非常感谢!
推荐答案
如果你想用 admin/admin123 测试你的应用,你必须允许 防火墙中的 in_memory 提供程序:
If you want to test your app with admin / admin123, you have to allow in_memory provider in your firewall :
仅适用于 http_basic :
only for http_basic :
security:
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
our_db_provider:
entity:
class: App\Entity\User
in_memory:
memory:
users:
admin:
password: admin123
roles: 'ROLE_ADMIN'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
http_basic:
provider: in_memory
provider: our_db_provider
form_login:
login_path: login
check_path: login
default_target_path: index
always_use_default_target_path: true
logout:
path: /logout
target: /index
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
也适用于 form_login :
for form_login as well :
security:
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
both_providers:
chain:
providers: [in_memory, our_db_provider]
our_db_provider:
entity:
class: App\Entity\User
in_memory:
memory:
users:
admin:
password: admin123
roles: 'ROLE_ADMIN'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
http_basic: ~
provider: both_providers
form_login:
login_path: login
check_path: login
default_target_path: index
always_use_default_target_path: true
logout:
path: /logout
target: /index
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
参见 https://symfony.com/doc/current/security/multiple_user_providers.html 示例...
这篇关于Symfony 4:无法访问管理员角色.拒绝访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
