Symfony2 behind ELB is redirecting to http instead of https
Issue:
- User logs in with https://example.com/login
- Authentication is approved
- As configured in security.yml Symfony2 redirects user to profile page after login.
- But it redirects them to the wrong url http://example.com/homepage
security.yml:
    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: sha512
        role_hierarchy:
            ROLE_ADMIN: ROLE_USER
            ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
        providers:
            fos_userbundle:
                id: fos_user.user_provider.username_email
        firewalls:
            main:
                pattern: ^/
                form_login:
                    check_path: /login_check
                    login_path: /login
                    default_target_path: /profile
                    provider: fos_userbundle
                logout:
                    path: /logout
                    target: /splash
                anonymous: ~
        access_control:
            - { roles: ROLE_USER, requires_channel: https }
            - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        acl:
            connection: default
Environment Architecture:
Server1 and Server2 hold the Symfony2 application.
Question:
How to force Symfony to generate the redirect URL with the https protocol instead of http?
So far I have looked at these docs, and the solution didn't work in my case:
Take a look at
vendor/symfony/symfony/src/Symfony/Component/HttpFoundation/Request.php
AWS ELBs use HTTP_X_FORWARDED_PROTO and HTTP_X_FORWARDED_PORT, while Symfony looks at the X_FORWARDED_PROTO and X_FORWARDED_PORT headers to judge the connection and its secure status.
You can try changing those keys in trustedHeaders, although I would not recommend changing them directly but rather finding a way to override them.
    protected static $trustedHeaders = array(
        self::HEADER_CLIENT_IP    => 'X_FORWARDED_FOR',
        self::HEADER_CLIENT_HOST  => 'X_FORWARDED_HOST',
        self::HEADER_CLIENT_PROTO => 'HTTP_X_FORWARDED_PROTO',
        self::HEADER_CLIENT_PORT  => 'HTTP_X_FORWARDED_PORT',
    );
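One way to override the trusted-header settings without editing Request.php, shown as an added example that is not part of the original question or answer. It assumes Symfony 2.3 or later in the 2.x line with Composer's autoloader at vendor/autoload.php; the ELB address and the request values are constructed samples.

```php
<?php
// Added example, not from the original post. Assumes a Symfony 2.x project
// with Composer's autoloader at vendor/autoload.php; run from the project root.
require __DIR__.'/vendor/autoload.php';

use Symfony\Component\HttpFoundation\Request;

// Constructed sample of what PHP receives when the ELB terminates TLS and
// forwards the request to the instance over plain HTTP.
$elbAddress = '10.0.0.5'; // constructed address, replace with your ELB's
$server = array(
    'REMOTE_ADDR'            => $elbAddress,
    'HTTP_X_FORWARDED_PROTO' => 'https',
    'HTTP_X_FORWARDED_PORT'  => '443',
);

// Scheme and host Symfony derives for this request (used when it builds
// absolute redirect URLs).
function schemeSeenBySymfony(array $server)
{
    $request = Request::create('http://example.com/login_check', 'POST',
        array(), array(), array(), $server);

    return $request->getSchemeAndHttpHost();
}

echo 'no trusted proxy: ', schemeSeenBySymfony($server), PHP_EOL;

// Forwarded headers are only honoured once a proxy is declared trusted.
// List only the load balancer: X-Forwarded-* is client-controlled on any
// path that bypasses it, so instances should accept traffic from the ELB alone.
Request::setTrustedProxies(array($elbAddress));

// Public setter for the $trustedHeaders entries, so Request.php stays
// unmodified. The value shown is the library default.
Request::setTrustedHeaderName(Request::HEADER_CLIENT_PROTO, 'X_FORWARDED_PROTO');

echo 'ELB trusted:      ', schemeSeenBySymfony($server), PHP_EOL;
```

In an application, the two static calls belong in the front controller (web/app.php) before the kernel handles the request.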