ELB 后面的 Symfony2 重定向到 http 而不是 https [英] Symfony2 behind ELB is redirecting to http instead of https

问题描述

问题:

• 用户使用

解决方案

看一看

<块引用>

vendor/symfony/symfony/src/Symfony/Component/HttpFoundation/Request.php

AWS ELB 使用 HTTP_X_FORWARDED_PROTO 和 HTTP_X_FORWARDED_PORT 而 Symfony 查看 X_FORWARDED_PROTO 和 X_FORWARDED_PORT 标头来判断连接及其安全状态.

您可以尝试更改 trustHeaders 中的那些键，尽管我不建议直接更改它们，而是找到一种方法来覆盖它们.

protected static $trustedHeaders = array(self::HEADER_CLIENT_IP =>'X_FORWARDED_FOR',self::HEADER_CLIENT_HOST =>'X_FORWARDED_HOST',self::HEADER_CLIENT_PROTO =>'HTTP_X_FORWARDED_PROTO',self::HEADER_CLIENT_PORT =>'HTTP_X_FORWARDED_PORT',);

参考 -http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#x-forwarded-for

Issue:

• User logs in with https://example.com/login
• Authentication is approved
• As configured in security.yml Symfony2 redirects user to profile page after login.
• But it redirects them to the wrong url http://example.com/homepage

security.yml:

security:

    encoders:
        FOSUserBundleModelUserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        main:
            pattern:    ^/
            form_login:
                check_path: /login_check
                login_path: /login
                default_target_path: /profile
                provider: fos_userbundle
            logout:
                path:   /logout
                target: /splash
            anonymous: ~

    access_control:
        - { roles: ROLE_USER, requires_channel: https }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

    acl:
        connection: default

Environment Architecture:

The Server1 and Server2 holds Symfony2 application.

Question:

How to force Symfony to generate redirect URL with https protocol instead http?

So far I have looked at these docs, and the solution didn't work work in my case:

• http://symfony.com/doc/current/cookbook/routing/scheme.html

解决方案

Take a look at

vendor/symfony/symfony/src/Symfony/Component/HttpFoundation/Request.php

AWS ELB's use HTTP_X_FORWARDED_PROTO and HTTP_X_FORWARDED_PORT while Symfony looks the X_FORWARDED_PROTO and X_FORWARDED_PORT headers to judge the connection and its secure status.

You can try changing those keys in the trustedHeaders although I would not recommend directly changing them but finding a way to override those.

protected static $trustedHeaders = array(
        self::HEADER_CLIENT_IP    => 'X_FORWARDED_FOR',
        self::HEADER_CLIENT_HOST  => 'X_FORWARDED_HOST',
        self::HEADER_CLIENT_PROTO => 'HTTP_X_FORWARDED_PROTO',
        self::HEADER_CLIENT_PORT  => 'HTTP_X_FORWARDED_PORT',
    );

Reference - http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#x-forwarded-for

这篇关于ELB 后面的 Symfony2 重定向到 http 而不是 https的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！