Symfony2.4使用UsernamePasswordToken登录时出现错误,我快要疯了。。。
我在我的网站上用他们的URL和他们用户的哈希自动登录用户。行动非常简单,我唯一想做的(经过一些检查)是:
$token = new UsernamePasswordToken($user, $user->getPassword(), 'secured_area', $user->getRoles());
$this->get('security.context')->setToken($token);
有了这个,在某些情况下它是有效的(当我尝试时,它总是有效的…),但在一些情况下不起作用。。。这种情况下的日志显示:
[2014-10-30 15:47:25] request.INFO: Matched route "_my_route" (parameters: "_controller": "MyController", "url": "my-url", "hash": "2f5fccc7b5fc2d41bbc3e1e469655f24f540e383", "_route": "_my_route") [] []
[2014-10-30 15:47:25] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2014-10-30 15:47:25] security.DEBUG: Write SecurityContext in the session [] []
[2014-10-30 15:47:25] request.CRITICAL: Uncaught PHP Exception RuntimeException: "Failed to start the session because headers have already been sent by "/route/app/bootstrap.php.cache" at line 1365." at /route/app/cache/prod/classes.php line 119 {"exception":"[object] (RuntimeException: Failed to start the session because headers have already been sent by '"/route/app/bootstrap.php.cache'" at line 1365. at /route/app/cache/prod/classes.php:119)"} []
[2014-10-30 15:47:25] security.DEBUG: Write SecurityContext in the session [] []
为什么标头已经发送?为什么只有在某些情况下?有人知道什么时候经常发生这种情况?
我尝试了很多事情:检查在此之前是否没有打印任何字符,更改安全性中的防火墙。yml,将会话放在磁盘文件中。。。
我认为一切都好。
我的用户实体:
class MyUser implements UserInterface, 'Serializable
{
...
/**
* Serializes the user.
*
* The serialized data have to contain the fields used byt the equals method.
*
* @return string
*/
public function serialize()
{
return serialize(array(
$this->id,
$this->password,
$this->email
));
}
/**
* Unserializes the user.
*
* @param string $serialized The serialized string
*
* @return void
*/
public function unserialize($serialized)
{
list(
$this->id,
$this->password,
$this->email
) = unserialize($serialized);
}
...
Security.yml
security:
encoders:
Symfony'Component'Security'Core'User'User: plaintext
MyProject'PublicBundle'Entity'MyUser:
algorithm: sha1
iterations: 1
encode_as_base64: false
role_hierarchy:
ROLE_USER: ROLE_PENDING
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
main:
entity: { class: MyProject'PublicBundle'Entity'MyUser, property: email }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secured_area:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
failure_path: /login
username_parameter: email
password_parameter: password
default_target_path: /login-redirect
logout:
path: /logout
target: /
remember_me:
key: "aSecretKey"
lifetime: 321408000
path: /
domain: %domain%
config.yml(会话部分是在第一次错误后添加的)
framework:
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
templating:
engines: ['twig']
default_locale: "%locale%"
trusted_hosts: ~
trusted_proxies: ~
session:
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/sessions"
fragments: ~
http_method_override: true
这可能与如何将令牌保存到会话有关。
你使用的服务是这样的吗:
$token = new UsernamePasswordToken($user, $user->getPassword(), 'secured_area', $user->getRoles());
$this->get('security.context')->setToken($token);
$this->get('session')->set('_security_secured_area',serialize($token));
自动注册后用户身份验证