Symfony2-访问被拒绝(用户未完全认证) [英] Symfony2 - Access is denied (user is not fully authenticated)

问题描述

我正在使用Symfony2开发网站，直到今天-登录都没有问题.但是现在登录时，我没有经过正确的身份验证-Symfony探查器将我列出为logged in as: anon，而不是我以.我还将重定向到登录页面，而不是目标路径.

I'm developing a website using Symfony2, and until today - had no problem logging in. But now when logging in I'm not correctly authenticated - Symfony profiler lists me as logged in as: anon instead of the user I logged in as. I'm also redirected back to the login page instead of the target path.

登录过程由带有提交按钮的传统登录表单(即用户名+密码)组成.所有用户凭据都存储在MySQL中，并且我已经将User实体设置为提供程序.

The login process consists of a traditional login form (i.e. username + password) with a submit button. All user credentials are stored in MySQL and I've setup a User entity as a provider.

我的php错误日志中没有错误，也没有在Symfony探查器中的异常或日志"下列出错误.

There are no errors in my php errors log, or listed in the Symfony profiler under Exception or Logs.

我所做的一项观察发现，会话属性"标题下没有列出任何内容(在Symfony探查器>请求中)-成功登录后，通常会列出一些安全上下文信息，但现在始终为空.我尝试在首页上设置一个基本的会话变量，该变量设置成功并显示在会话属性"下，但部分成功，但是每次尝试登录时都会清除它！

One observation I've made is nothing is listed under the Session Attributes heading (within Symfony profiler > Request) - normally there would be some security context information listed after successfully logging in, but now it's always empty. I tried setting a basic session variable on the homepage which was partially successful as it gets set and is shown under Session Attributes, but get's cleared whenever attempting to login!

这是我的security.yml文件:

This is my security.yml file:

# app/config/security.yml

security:
  encoders:
    Woodcut\UserBundle\Entity\User: sha512

  role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

  providers:
    main:
        entity: { class: Woodcut\UserBundle\Entity\User, property: username }

  firewalls:
    secured_area:
        pattern:   ^/
        anonymous: ~
        form_login:
            login_path: login
            check_path: login_check
            username_parameter: _username
            success_handler: custom_authentication_handler
            failure_handler: custom_authentication_handler
            #always_use_default_target_path: true
            #default_target_path: /login_router
        logout:
            path: /logout
            target: /
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false


  access_control:
    - { path: ^/admin, roles: ROLE_ADMIN }
    - { path: ^/ratings/update, roles: ROLE_USER }
    - { path: ^/ratings/new, roles: ROLE_USER }
    - { path: ^/favourite, roles: ROLE_USER }

我正在使用典型的LAMP堆栈在Ubuntu 12.04虚拟机上通过Symfony 2.3.13和PHP 5.4.28运行我的站点. PHP以 mod_php 运行.

I'm using a typical LAMP stack to run my site with Symfony 2.3.13 and PHP 5.4.28 on a Ubuntu 12.04 Virtual machine. PHP is running as mod_php.

Symfony Profiler的输出>调试:

INFO - Populated SecurityContext with an anonymous Token
DEBUG - Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall  \ExceptionListener::onKernelException".
DEBUG - Access is denied (user is not fully authenticated) by "/vagrant_www/vprojects/woodcut/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php" at line 70; redirecting to authentication entry point
DEBUG - Calling Authentication entry point 

如果有人可以帮助我确定为什么用户被认证为匿名身份而不是身份自己，那将是很棒的.在过去两天里一直在努力寻找原因.

If someone can please help me determine why users are authenticated as anonymous instead of as themselves that would be great. Been pulling my hear out the last two days trying to find the cause.

在此先感谢您提供的任何帮助！

Thanks in advance for any help provided!

其他信息:我有一个运行站点副本的VPS(用于客户端预览).我在本地VM上进行开发，并在git push上进行更改，然后通过SSH进入VPS并执行git pull以使两个版本保持同步.

Additional info: I have a VPS running a copy of the site (for client previewing). I dev on my local VM and git push my changes, I then SSH into my VPS and do a git pull to keep my two version in sync.

奇怪的是VPS版本没有出现此问题(即登录正常)，但两个版本使用相同的代码库，除了各自的parameter.yml和parameters_dev.yml文件存在一些细微差异

What's strange is the VPS version does not exhibit this issue (i.e. login works fine) yet both versions use an identical codebase except for some minor differences in their respective parameters.yml and parameters_dev.yml files.

更新:在对代码库进行大量编辑并在我的VM上执行apt-get update和apt-get upgrade之后，问题开始出现.因此，为了找出可能的原因，我回滚到了较早的提交-查看问题是否与代码有关.但是，尽管回滚到我的主要代码更改之前，问题仍然存在.

Update: Problem started happening after making a large number of edits to the code base and performing a apt-get update and apt-get upgrade on my VM. So in an effort to isolate the possible cause I rolled back to an earlier commit - to see if the problem was code related. But despite rolling back to before my major coding changes, the problem is still there.

这让我认为原因可能不是与代码相关，而可能与服务器相关，这可能是通过apt-get upgrade安装的新版本PHP(5.4.28)中的某些内容，或者是可能是新的 php.ini 指令?

This has me thinking the cause may not be code related and instead could be server related, something in the new version of PHP (5.4.28) that was installed via apt-get upgrade perhaps OR a new php.ini directive maybe?

我已经运行了Symfony配置检查器工具，一切似乎都很好！

I've run the Symfony configuration checker tool and everything seems fine!

很奇怪.

推荐答案

我正在努力解决同一问题.我检查了几乎所有内容，然后在会话处理程序上发生了这种怀疑……

I was struggling with the same problem. I checked almost everything and after that suspecion fell on session handler...

我有

session: ~

更改为:

session:
    handler_id:  ~

有关会话处理的更多信息: http://symfony.com/doc/2.2/components/http_foundation/session_configuration.html#native-php-save-handlers

More about session handling: http://symfony.com/doc/2.2/components/http_foundation/session_configuration.html#native-php-save-handlers

这篇关于Symfony2-访问被拒绝(用户未完全认证)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！