prod 环境中的 Ajax 请求导致访问被拒绝(用户未完全通过身份验证) [英] Ajax request in prod environment causes Access is Denied (user in not fully authenticated)
问题描述
我使用的是 Symfony 2.3,但我的生产服务器出现问题.
I'm using Symfony 2.3 and I have a problem on my production server.
在生产环境中,所有 AJAX 请求都失败了(我不明白是什么机会),这会发生(并非总是如此).在 prod.log 我有:
It happens (not always) that (I did not understand what opportunities) in the production environment all AJAX requests fail. In prod.log I have:
security.INFO: Populated SecurityContext with an anonymous Token [] []
[2013-08-08 16:03:28] security.INFO: No expression found; abstaining from voting. [] []
[2013-08-08 16:03:28] security.DEBUG: Access is denied (user is not fully authenticated) by "/var/www/clients/client1/web1/web/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php" at line 73; redirecting to authentication entry point
如果我在 prod 环境中刷新页面(在 ajax 错误之后),什么也没有发生.我仍然登录.但 ajax 失败并出现相同的错误.如果我切换到 app_dev.php,错误就会消失并且 AJAX 可以工作.
If I am in prod environment and I refresh the page (after the ajax errors), nothing happens. I'm still logged in. But ajax fails with same errors. If I switch to app_dev.php the errors disappear and AJAX works.
(ajax 路由在 game/* 模式下)
(The ajax routes is under game/* pattern)
这是我的配置:
jms_security_extra:
secure_all_services: false
expressions: true
security:
encoders:
Gdr\UserBundle\Entity\User: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
database:
entity: { class: GdrUserBundle:User, property: email }
firewalls:
secured_area:
pattern: ^/
form_login:
check_path: /login_check
login_path: /login
success_handler: authentication_handler
logout:
path: /logout
target: /
success_handler: authentication_handler
invalidate_session: true
anonymous: ~
access_control:
- { path: /game/*, roles: ROLE_USER }
- { path: /login/choose-character, roles: ROLE_USER }
- { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY}
- { path: /logout, roles: ROLE_USER }
- { path: /admin/*, roles: ROLE_ADMIN }
######Config.yml
framework:
session:
cookie_lifetime: 0
save_path: "%kernel.root_dir%/Sessions/"
cookie_httponly: false
# save_path: ~
我使用 firebug 记录的每个 ajax 请求都会发送一个 302 标头以重定向到登录.如果我尝试在没有 AJAX 的情况下访问该 url,它会起作用.没有 302 码.
Every ajax request that I log with firebug send a 302 header to redirect to login. If I try to access without AJAX to the url, it works. No 302 code.
有什么想法吗?
推荐答案
我发现了问题.
问题是我使用的是带有www"的绝对网址,即 www.mydomain.com,但 cookie 主机没有www".
The issue was that I was using absolute urls with 'www' i.e. www.mydomain.com, but the cookie host was without 'www'.
现在使用相对网址就可以了.谢谢大家:)
Using relative urls now is all fine. Thanks all :)
最后我在这里找到了我的解决方案:Symfony, jQuery.ajax() 调用,会话变量丢失
I found here my solutions, at the end: Symfony, jQuery.ajax() call, session variables lost
这篇关于prod 环境中的 Ajax 请求导致访问被拒绝(用户未完全通过身份验证)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!