Anonymous token even if logged in in public pages

Question
I'm having some trouble setting up my security.

I want a page to be accessible both by anonymous and by logged-in members. I want it to show different content depending on the situation (in fact, I want to still be logged in as a member when I go on it).

The page I want to give public access to is ^/profile.

I set my security.yml like this:
jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        # Firewall for the login, registration and password-reset pages
        login:
            pattern:   ^/(login$|register|resetting) # The addresses of these pages are login, register and resetting
            anonymous: true                          # Anonymous users are of course allowed on these pages

        public:
            pattern:   ^/profile
            anonymous: true

        homepage:
            pattern:   ^/$
            anonymous: true

        # Main firewall for the rest of the site
        main:
            pattern: ^/                  # ^/ = everything starting with / = the whole site
            form_login:                  # Define our authentication method
                provider: fos_userbundle # Tie authentication to the provider defined above
                remember_me: true        # Enable the "Remember me" option (disabled by default)
            remember_me:
                key: "%secret%"          # Key for remember_me (%secret% is a parameter from parameters.yml); quoted because a bare leading % is reserved in YAML
            anonymous: false             # Allow anonymous (unauthenticated) users
            logout: true                 # Allow manual logout (disabled by default)
            #anonymous: ~
            #http_basic:
            #    realm: "Secured Demo Area"

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
My problem is that when I'm logged in and I access this page, it's like I'm not logged in (I've got my log in button) because the firewall gives me an anonymous token.

Thanks for your help. Scaff

Answer
Common pitfalls in authentication:

Multiple firewalls don't share security context

If you're using multiple firewalls and you authenticate against one firewall, you will not be authenticated against any other firewalls automatically. Different firewalls are like different security systems. To do this you have to explicitly specify the same Firewall Context for different firewalls. But usually for most applications, having one main firewall is enough.

So put all under one main firewall and use ACLs as in the FOSUserBundle installation step 4.
jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        # One firewall for the whole site: the token created at login is
        # the same one seen on /profile, so no anonymous token is issued there
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                remember_me: true
            logout: true
            anonymous: true
            remember_me:
                key: "%secret%"   # quoted because a bare leading % is reserved in YAML

    # Rules are matched top to bottom and the first match wins,
    # so the catch-all ^/ rule must stay last
    access_control:
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/profile, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }
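If the separate firewalls really have to stay, the alternative the answer mentions is to give them the same firewall context so they share one authenticated token. The fragment below is an added example, not part of the original answer; the firewall names (public, main) are taken from the question, while the context name app_context is an assumption.

```yaml
security:
    firewalls:
        # Both firewalls declare the same context, so the token created by
        # logging in through "main" is also available to requests that match
        # "public". The context name app_context is an assumed value.
        public:
            pattern:   ^/profile
            anonymous: true
            context:   app_context   # shared session key for the token

        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
            logout: true
            anonymous: false
            context: app_context     # must be exactly the same value as above

    access_control:
        # Evaluated top to bottom; the first matching rule wins, so the
        # catch-all ^/ rule must stay last or /profile becomes members-only.
        - { path: ^/profile, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/,        roles: ROLE_USER }
```

With a shared context, logging out through main also invalidates the token that public sees, which is usually what you want for a profile page.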