Symfony2 Secure by IP 不工作 [英] Symfony2 Secure by IP not working

问题描述

在我的 Symfony 2.3.1 Security YML 中，我有这一行.

In my Symfony 2.3.1 Security YML, I have this line.

security.yml

security.yml

access_control:
    - { path: ^/mysecurearea, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 0.0.0.0 }

基于此:http://symfony.com/doc/current/book/security.html

我的印象是这条路线和路线很相似，例如/mysecurearea/something 应该只能被来自 IP 0.0.0.0 的请求访问

I was under the impression that this route and routes like it, e.g. /mysecurearea/something should only be accessible to a request from IP 0.0.0.0

问题是，我仍然可以访问它.

Problem is, I can still access it.

有什么想法吗?

推荐答案

所以，我想做的就是阻止人们访问某个区域，除非他们拥有有效的 IP.我还没有完全理解的是， access_control 只能赋予角色，而不是拒绝访问.(事后看来是有道理的.)

So, all I wanted to do, was stop people from access an area, unless they had a valid IP. What I hadn't entirely appreciated, was that access_control can only give roles, rather than deny access. (Makes sense in hindsight.)

    - { path: ^/mysecurearea, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 0.0.0.0 }
    - { path: ^/mysecurearea, roles: ROLE_NO_ACCESS }

所以为了实现我想要的，我需要在上面添加额外的行.ROLE_NO_ACCESS 实际上并不存在.您只需要在那里添加一些描述性的文本并注意一个有效的角色.由于它不是一个有效的角色，请求者不能再访问该区域.这有点像黑客，但就我的目的而言，它完美地完成了这项工作.

So to achieve what I was looking for, I needed to add the additional line above. ROLE_NO_ACCESS doesn't actually exist. You just need to add some text there which is descriptive and note a valid role. Since it isn't a valid role, the requester can no longer access the area. It is a bit of a hack, but for my purposes, it does the job perfectly.

这篇关于Symfony2 Secure by IP 不工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！