Symfony2 和 Uploadify:不保留安全令牌 [英] Symfony2 and Uploadify : security token is not kept

问题描述

我正在尝试让 Symfony2 和 Uploadify 在一个安全区域内协同工作.(Uploadify 是一个用于上传多个文件的 flash/javascript 组件)

I'm trying to make Symfony2 and Uploadify working together in a secured area. (Uploadify is a flash/javascript component used to upload multiple files)

当后端脚本路由在安全区域之外时，我的uploadify 组件工作正常，但在该区域中时，我收到 302 HTTP 错误.

My uploadify component is working fine when the back-end script route is out of the secure area, but when in this area, I get a 302 HTTP error.

日志信息是:

security.INFO: Authentication exception occurred; redirecting to authentication entry point (A Token was not found in the SecurityContext.)  

在寻找答案时，我发现将 PHPSESSID 作为 post 参数传递给后端脚本应该适用于非框架 php"，但使用 Symfony 安全组件，似乎甚至没有达到这个脚本.

While searching for an answer, I found that passing the PHPSESSID to the back-end script as a post parameter should work on "non-framework php" but with the Symfony Security Component, it seems that this script is not even reached.

有谁知道是否有办法将该令牌发送到后端脚本，同时将此脚本保存在安全区域中?

Does anyone know if there is a way to send that token to the back-end script while keeping this script in the secure area ?

推荐答案

在阅读了 Symfony 网站后，该解决方案可能可行(尚未测试).在您的 security.yml 文件中，将您的 access_contol 配置选项更改为这样的...

After having a read around the Symfony website, it's possible that this solution may work (haven't tested it). In your security.yml file, change your access_contol config option to something like this...

access_control:
        - { path: ^/path/to/flash_component, roles: IS_AUTHENTICATED_ANONYMOUSLY }

其中/path/to/flash_component 是您在 Uploadify 中上传到的 URL.让我知道这是否有效.

Where /path/to/flash_component is the URL you are uploading to in Uploadify. Let me know if that works.

这篇关于Symfony2 和 Uploadify:不保留安全令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！