Session lost during impersonation

Problem description

I use SonataAdminBundle with configured sonata_user in config.yml:

sonata_user:
    impersonating:
        route:        _profile_logged
    # more config

I have my admin panel under the /admin prefix. I've configured UserAdmin (based on the User entity) with an impersonating field. I tried to impersonate a user by clicking the link in my admin panel, and I saw the application (not admin panel) login page.

I checked the developer toolbar and noticed that the request to impersonate the user was redirected to the login page. It's quite strange, because this request has mostly the same parameters as the previous one (for the user list in the admin panel). In particular, the Request Cookies section is identical.

I noticed one difference in the Request Headers: the first request (for the user list in the admin panel) sends cache-control max-age=0, but the second one (for impersonation) doesn't.

Obviously, I logged in to the admin panel as a user with full permissions (particularly ROLE_ALLOWED_TO_SWITCH).

So, how can I impersonate directly from the admin panel? What could be wrong in my app?

Recommended answer

I found the problem:

4. Multiple firewalls don't share security context, from the docs: http://symfony.com/doc/current/book/security.html#book-security-common-pitfalls

And found the solution:

Firewall Context, from the docs: http://symfony.com/doc/current/reference/configuration/security.html#reference-security-firewall-context

So, defining a firewall context is necessary if you have separate firewalls for the application and the admin panel.
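
An added example, not taken from the original answer: a Symfony security configuration sketch in which the admin and application firewalls share one context. The firewall names, URL patterns, login paths and the context name `shared_context` are assumptions, as is the placement of the `_profile_logged` route under the application firewall.

```yaml
# Illustrative security configuration; all names and paths are assumptions.
security:
    firewalls:
        # Firewall for the admin panel under /admin.
        admin:
            pattern:   ^/admin
            # Same context on both firewalls: the authenticated token is
            # stored under one session key and loaded by either firewall.
            context:   shared_context
            anonymous: true
            form_login:
                login_path: /admin/login
                check_path: /admin/login_check
            logout:
                path: /admin/logout

        # Firewall for the application. The impersonation link from the
        # admin panel is assumed to target a route matched here.
        main:
            pattern:   ^/
            context:   shared_context
            anonymous: true
            form_login:
                login_path: /login
                check_path: /login_check
            logout:
                path: /logout
            # Processes ?_switch_user=<username>; the current token must
            # hold ROLE_ALLOWED_TO_SWITCH.
            switch_user: true

    # Sharing a context also shares the login, so keep /admin role-gated.
    access_control:
        - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin,       roles: ROLE_ADMIN }
```

When `context` is omitted, each firewall uses its own name as the context, so a token created by the `admin` firewall is not loaded for a request handled by `main`, and that request is treated as unauthenticated and redirected to the login page.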
