我想连接我的Admin当我访问/Admin或与登录表单。
但是出了问题,我无法访问ROLE_ADMIN。
(ROLE_USER的一切都很好,也许我错过了Admin的一些东西?)
这是安全问题。文件:
安全:providers:
our_db_provider:
entity:
class: WebAwardsBundle:User
property: username
# if you're using multiple entity managers
# manager_name: customer
in_memory:
memory:
users:
admin:
password: $2y$13$aabu98fd.l60phldkU.WAeDwgzqiv1IcaF.EndURJuAhGllFgzTv.
roles: 'ROLE_ADMIN'
encoders:
Symfony'Component'Security'Core'User'User: bcrypt
WebAwardsBundle'Entity'User:
algorithm: bcrypt
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: ~
#http_basic: ~
#pattern: ^/
#provider: our_db_provider
form_login:
login_path: login
check_path: login
# Log out user
logout:
path: /logout
target: /
# activate different ways to authenticate
# http_basic: ~
# http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
# form_login: ~
# http://symfony.com/doc/current/cookbook/security/form_login_setup.html
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
有SecurityController.php文件:
class SecurityController extends Controller
/**
* @Route("/login", name="login")
*/
public function loginAction(Request $request)
{
$authenticationUtils = $this->get('security.authentication_utils');
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
return $this->render(
'login.html.twig',
array(
// last username entered by the user
'last_username' => $lastUsername,
'error' => $error,
)
);
}
/**
* @Route("/admin", name="admin_action")
*/
public function adminAction()
{
return new Response('<html><body>Admin page!</body></html>');
}}
这是login. html .twig文件:
{% if error %}
<div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
{% endif %}
<div>CONNECTEZ-VOUS</div>
<form action="{{ path('login') }}" method="post">
<label for="username">Username:</label>
<input type="text" id="username" name="_username" value="{{ last_username }}" />
<label for="password">Password:</label>
<input type="password" id="password" name="_password" />
{#
If you want to control the URL the user
is redirected to on success (more details below)
<input type="hidden" name="_target_path" value="/account" />
#}
<button type="submit">login</button>
</form>
如果你想使用多个提供商,你需要在chain中配置它们
security:
providers:
chain_provider:
chain:
providers: [our_db_provider, in_memory]
你可以在这里阅读多个提供商