我有一个关于symfony安全性的问题。
我的安全。Yml的设置如下:
security:
encoders:
Symfony'Component'Security'Core'User'User: plaintext
OVB'DBBundle'Entity'User'User:
id: ovb.password.encoder
providers:
in_memory:
memory:
users:
test: { password: ******, roles: 'ROLE_ADMIN' }
main:
entity:
class: OVB'DBBundle'Entity'User'User
property: email
firewalls:
secured_area:
provider: in_memory
pattern: ^/
anonymous: ~
http_basic:
realm: "Secured Test Area"
main:
pattern: ^/
provider: main
form_login:
login_path: /login
check_path: ovb_login_check
use_referer: true
logout: true
anonymous: ~
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
access_control:
- { path: ^/, roles: ROLE_ADMIN }
- { path: ^/login_check, roles: ROLE_USER }
正如您所看到的,我有两个具有相同模式的防火墙。第一个(secured_area)是为了保护我的测试环境(HTTP认证),第二个是为普通网站用户(表单登录)。它们单独使用时都有效,但放在一起就不行了,我认为这是因为它们使用了相同的模式。有人知道怎么做吗?
谢谢!
在您的基础security.yml:
security:
#...
providers:
main:
entity:
class: 'OVB'DBBundle'Entity'User'User'
property: email
dev:
memory:
users:
admin: { password: ******, roles: 'ROLE_ADMIN' }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
provider: main
form_login:
login_path: /login
check_path: ovb_login_check
use_referer: true
logout: true
anonymous: ~
在你的security_dev.yml:
security:
firewalls:
main:
http_basic:
provider: dev