使用 Symfony2 的 AccessDeniedHandlerInterface [英] Using Symfony2's AccessDeniedHandlerInterface

问题描述

我正在尝试为 symfony2 设置我的安全内容，到目前为止我已经可以正常工作了，但是现在我需要做一些更花哨的事情.我目前正在使用所有处理 PreAuthentication 的东西(我使用第三方组件进行登录和会话管理).这部分与 JMS 安全包配合使用效果很好.

I am trying to get my security stuff setup for symfony2 and I have it working so far, but now I need to do some more fancy things. I am currently using everything dealing with PreAuthentication (I use a third party component for logging in and session management). That part is working great in tandem with the JMS security bundle.

现在我想抓住抛出 403 的用户，这样我就可以将他们转发到我正在使用的第三方组件的登录页面.我认为我最好的选择是向异常侦听器添加一个异常处理程序.我正在查看 AccessDeniedHandlerInterface.

Now I am to the point when I want to catch the users that are throwing 403s so I can just forward them to the login page of the third party component that I am using. I think my best bet is to add an exception handler to the exception listener. I am looking at the AccessDeniedHandlerInterface.

1. 这对我来说是正确的方向吗?
2. 如何将此处理程序添加到异常侦听器?

我最终做了类似的事情.我创建了一个在 kernel.exception 事件上提示的服务.services.yml 看起来像这样:

I ended up doing something similar. I created a service that is prompted on the kernel.exception event. services.yml looks like this:

services:
   kernel.listener.accessDenied:
    class: FullyQualifiedNamespacePathToClass
    tags:
      - { name: kernel.event_listener, event: kernel.exception, method: onAccessDeniedException }

和它自己的类:

<?php

namespace FullyQualifiedNamespacePathTo;

use SymfonyComponentHttpKernelEventGetResponseForExceptionEvent,
SymfonyComponentHttpFoundationResponse,
SymfonyComponentSecurityCoreExceptionAccessDeniedException;

class Class
{
  public function onAccessDeniedException(GetResponseForExceptionEvent $event)
  {
    $exception = $event->getException();
    //Get the root cause of the exception.
    while (null !== $exception->getPrevious()) {
      $exception = $exception->getPrevious();
    }
    if ($exception instanceof AccessDeniedException) {
      //Forward to third-party.
    }
  }
}

推荐答案

这听起来不错.

或者，如果您对 AccessDeniedException 特别感兴趣，您还可以在防火墙内的 security.yml 中定义 access_denied_handler:

Or, if you're specifically interested in AccessDeniedException you could also define access_denied_handler within your firewall in security.yml:

security:
    firewalls:
        my_firewall:
            # ...
            access_denied_handler: kernel.listener.access_denied.handler
            # ...

然后在您的 services.xml 或等效文件中定义您的服务:

Then define your service in your services.xml or equivalent:

<parameters>
    <parameter key="kernel.listener.security.class">PathToYourClass</parameter>
</parameters>

<service id="kernel.listener.access_denied.handler" class="%kernel.listener.security.class%">
    <tag name="kernel.event_listener" event="security.kernel_response" method="handle" />
</service>

处理程序类:

use SymfonyComponentSecurityHttpAuthorizationAccessDeniedHandlerInterface;

class MyAccessDeniedHandler implements AccessDeniedHandlerInterface
{
    public function handle(Request $request, AccessDeniedException $accessDeniedException)
    {
        // do something with your exception and return Response object (plain message of rendered template)
    }
}

您可以在此处找到 Symfony2 的完整安全参考:http://symfony.com/doc/2.8/reference/configuration/security.html

You can find complete Security reference of Symfony2 here: http://symfony.com/doc/2.8/reference/configuration/security.html

这篇关于使用 Symfony2 的 AccessDeniedHandlerInterface的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！