Symfony2的in_memory用户提供问题 [英] Symfony2 in_memory users provider issue
问题描述
我有一个加载用户 in_memory
用户提供一个Symfony2的应用程序。在 security.yml
如下:
I have a Symfony2 application that loads users from in_memory
user provider. The security.yml
is the following:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
users:
admin: { password: mypassword, roles: [ 'ROLE_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/demo/secured/login$
security: false
secured_area:
pattern: ^/
anonymous: ~
http_basic:
realm: "MyApp Realm - Login"
access_control:
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
#- { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
- { path: ^/subscription/show, roles: ROLE_ADMIN }
- { path: ^/send, roles: ROLE_ADMIN }
在我的本地开发环境(在Mac Pro的书),此配置按预期工作。当我去的路线 _ /发送_
或 _ /订阅/秀_
,Symfony的问我要登录,如果我进入凭据管理的和的输入mypassword 的我可以正确地查看页面。
In my local development environment (a Mac Book Pro) this configuration works as expected. When I go to routes _/send_
or _/subscription/show_
, Symfony asks me for login and if I enter credentials admin and mypassword I can view pages correctly.
不过的生产的环境(Debian服务器上)我要进行登录一看就知道路线,但相同的用户名和密码不起作用! HTTP基本身份验证的登录提示永远不会消失!我无法理解。
But in production environment (a Debian server) I have to perform login to see that routes but the same username and password doesn't work! The HTTP basic authentication login prompt never go away! I can't understand.
为什么该配置不起作用?和总体为什么在我的本地环境中,它的工作原理,并在生产环境,这不?
Why that configuration doesn't work? And overall why in my local environment it works and in the production environment it doesn't?
我还看到一个问题,我想这是关系到: Symfony2的明文用户不工作。
我已经尝试过所有的建议列在那里,但它们中的任何解决问题。
I also see a question I suppose it is related to: Symfony2 plaintext users don't work. I already tried all suggestions listed there but any of them solve the problem.
推荐答案
解决了!
问题是生产环境中运行PHP的FastCGI中,都有这些配置你必须添加下面的行为.htaccess,才能有通过PHP的工作HTTP基本身份验证:
The problem was that production environments runs PHP in FastCGI and with such configuration you have to add the following line to .htaccess, in order to have http basic authentication via PHP working:
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
再见!
这篇关于Symfony2的in_memory用户提供问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!