Accessing app.user in unsecured area, silex
Problem description
I have this configuration for firewall:
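    $app->register(new Silex\Provider\SecurityServiceProvider(), array(
        // Silex reads the firewall definitions from the 'security.firewalls' parameter
        'security.firewalls' => array(
            'admin' => array(
                'pattern' => '^/admin',
                'form' => array(
                    'login_path' => '/#login',
                    'check_path' => '/admin/login_check',
                ),
                'logout' => array(
                    'logout_path' => '/admin/logout',
                ),
            ),
            // Separate firewall for everything else; it keeps its own security context
            'unsecured' => array(
                'anonymous' => true,
                'pattern' => '^.*$',
            ),
        ),
    ));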
And also this for security.rules:
    $app['security.access_rules'] = array(
        array('^/admin', 'ROLE_ADMIN'),
        array('.*', 'IS_AUTHENTICATED_ANONYMOUSLY'),
    );
I see this answer: Silex/Symfony Security Firewall Access user token outside the secured area. But the problem is, I cannot access the app.user in the "/" page and is_granted (in twig) always returns false for any input.
I don't know if the ACL mentioned in that answer is something else (other than the access_rules) or if I am doing something wrong.
Recommended answer
I believe a user (token) is only accessible within the firewall that logged it in. So as long as you are within the /admin part of your site you would have access to the app.user, but not within the "unsecured" firewall.
To have the behaviour you are looking for, you need to have one overall/sitewide firewall with the pattern of ^/ and then use access rules to restrict access to /admin.
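    $app->register(new Silex\Provider\SecurityServiceProvider(), array(
        // Silex reads the firewall definitions from the 'security.firewalls' parameter
        'security.firewalls' => array(
            // One sitewide firewall, so the same token is visible on every page
            'main' => array(
                'pattern' => '^/',
                'anonymous' => true,
                'form' => array(
                    'login_path' => '/#login',
                    'check_path' => '/admin/login_check',
                ),
                'logout' => array(
                    'logout_path' => '/admin/logout',
                ),
            ),
        ),
    ));
    // Authorization is handled by the access rules, not by the firewall pattern
    $app['security.access_rules'] = array(
        array('^/admin', 'ROLE_ADMIN'),
        array('^/', 'IS_AUTHENTICATED_ANONYMOUSLY'),
    );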
So a brand new user to your site would be immediately authenticated anonymously, until they log in with a role that allows them to access /admin.
It's also worth noting that if you were to have your login form within the admin area, as something like /admin/login, then you would need to add an anonymous access rule for the login URL.
Hope this helps!
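The login-URL caveat at the end of the answer, as an added example that is not part of the original answer: Symfony's access map applies the first rule whose pattern matches, so an anonymous rule for /admin/login only works if it is listed before '^/admin'. This is a simplified stand-alone model of that evaluation; requiredRoleFor() and canAccess() are hypothetical helpers, not Silex API, and the role sets are constructed samples.

```php
<?php
// Added example: simplified model of first-match access-rule evaluation.
// requiredRoleFor() and canAccess() are hypothetical helpers, not Silex API.

/** Return the role required by the first rule whose pattern matches $path. */
function requiredRoleFor(array $rules, string $path): ?string
{
    foreach ($rules as [$pattern, $role]) {
        if (preg_match('{' . $pattern . '}', $path)) {
            return $role; // first match wins, later rules are ignored
        }
    }
    return null; // no rule matched: no role is required
}

/** Anonymous visitors satisfy only IS_AUTHENTICATED_ANONYMOUSLY (or no rule). */
function canAccess(array $rules, string $path, array $userRoles): bool
{
    $required = requiredRoleFor($rules, $path);
    return $required === null
        || $required === 'IS_AUTHENTICATED_ANONYMOUSLY'
        || in_array($required, $userRoles, true);
}

// Login form inside the admin area: its rule must precede '^/admin'.
$correct = [
    ['^/admin/login$', 'IS_AUTHENTICATED_ANONYMOUSLY'],
    ['^/admin', 'ROLE_ADMIN'],
    ['^/', 'IS_AUTHENTICATED_ANONYMOUSLY'],
];
// Same rules, wrong order: '^/admin' shadows the login exception.
$shadowed = [
    ['^/admin', 'ROLE_ADMIN'],
    ['^/admin/login$', 'IS_AUTHENTICATED_ANONYMOUSLY'],
    ['^/', 'IS_AUTHENTICATED_ANONYMOUSLY'],
];

$anonymous = [];          // constructed sample: visitor with no roles
$admin = ['ROLE_ADMIN'];  // constructed sample: logged-in administrator

foreach (['correct' => $correct, 'shadowed' => $shadowed] as $name => $rules) {
    foreach (['/', '/admin/login', '/admin/users'] as $path) {
        printf("%-8s %-13s anonymous=%s admin=%s\n", $name, $path,
            var_export(canAccess($rules, $path, $anonymous), true),
            var_export(canAccess($rules, $path, $admin), true));
    }
}
```

With the shadowed ordering an anonymous visitor is refused at /admin/login, which in a real application shows up as a redirect loop back to the login page.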