1. IT宝库
  2. 编程技术问答
  3. 其他开发
  4. 如何在symfony2中保护除登录页面外的所有页面?

如何在symfony2中保护除登录页面外的所有页面?[英] how to secure whole pages except login page in symfony2?

 

本文是小编为大家收集整理的关于如何在symfony2中保护除登录页面外的所有页面?的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。

问题描述

我想通过FosuserBundle通过登录来确保整个站点.我尝试设置安全性. 

security:
encoders:
    Symfony\Component\Security\Core\User\User: plaintext
    FOS\UserBundle\Model\UserInterface: sha512

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
    fos_userbundle:
        id: fos_user.user_manager

firewalls:
    main:
        pattern:    ^/
        form_login:
            check_path: /login_check
            login_path: /login
            provider: fos_userbundle
            always_use_default_target_path: true
            default_target_path: /dashboard
        logout:
            path:   /logout
            target: /
        anonymous: ~
        #http_basic:
        #    realm: "Secured Demo Area"

access_control:
    - { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
    #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

,但是我不知道在config.yml中设置什么 这是我的config.yml 

 imports:
- { resource: parameters.yml }
- { resource: security.yml }

framework:
#esi:             ~
translator:       ~
secret:          %secret%
router:
    resource: "%kernel.root_dir%/config/routing.yml"
    strict_requirements: ~
form:            ~
csrf_protection: ~
validation:      { enable_annotations: true }
templating:
    engines: ['twig']
    #assets_version: SomeVersionScheme
default_locale:  "%locale%"
trusted_proxies: ~
session:         ~
fragments:       ~
http_method_override: true

# Twig Configuration
twig:
debug:            %kernel.debug%
strict_variables: %kernel.debug%

# Assetic Configuration
assetic:
debug:          %kernel.debug%
use_controller: false
bundles:        [ ]
#java: /usr/bin/java
filters:
    cssrewrite: ~
    #closure:
    #    jar: %kernel.root_dir%/Resources/java/compiler.jar
    #yui_css:
    #    jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar

# Doctrine Configuration
doctrine:
dbal:
    driver:   %database_driver%
    host:     %database_host%
    port:     %database_port%
    dbname:   %database_name%
    user:     %database_user%
    password: %database_password%
    charset:  UTF8
    # if using pdo_sqlite as your database driver, add the path in parameters.yml
    # e.g. database_path: %kernel.root_dir%/data/data.db3
    # path:     %database_path%

orm:
    auto_generate_proxy_classes: %kernel.debug%
    auto_mapping: true

# Swiftmailer Configuration
swiftmailer:
transport: %mailer_transport%
host:      %mailer_host%
username:  %mailer_user%
password:  %mailer_password%
spool:     { type: memory }
fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: main
user_class: Dashboard\UserBundle\Entity\User

这是我的控制器

<?php

namespace Proposals\ProposalsBundle\Controller;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;

use Proposals\ProposalsBundle\Entity\Proposals;
use Proposals\ProposalsBundle\Form\ProposalsType;

/**
* Proposals controller.
*
*/
class ProposalsController extends Controller
{

/**
 * Lists all Proposals entities.
 *
 */
public function indexAction()
{
    $em = $this->getDoctrine()->getManager();

    $entities = $em->getRepository('ProposalsProposalsBundle:Proposals')->findAll();

    return $this->render('ProposalsProposalsBundle:Proposals:index.html.twig', array(
        'entities' => $entities,
    ));
}

当我打开任何页面时,它不会检查任何用户是否已登录或不登录.我希望每个页面都通过登录确定,如果用户登录,则每个页面都打开了,如果未登录用户,则不在登录中,然后不显示或重定向到登录.帮助应用

推荐答案

每次相同时,没有人关注文档.韦恩.但是对于您的垃圾邮件,您不应该得到答案,但这是不公平的^^ 

security:
    firewalls:
        main:
            pattern: ^/
            # other settings
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }

其他推荐答案

转到此URL localhost/quickbacklog/web/app_dev.php/dashboard
您必须在security.yml

中添加这样的添加 
firewalls:
        main:
            pattern:    ^/
            form_login:
                provider:             fos_userbundle
                default_target_path:  /dashboard/                
            logout:     
                ........
                invalidate_session: false
            anonymous: ~

在路由文件

applicationlogin_success:
  pattern: /dashboard/
  defaults: { _controller: SampleBundle:Default:FrontPage }

通过使用 default_target_path:routing_pattern
u将重定向...

本文地址:https://www.itbaoku.cn/post/2090738.html

百度翻译此文   有道翻译此文

问题描述

I want to have whole site secured through login with FOSUserBundle. I tried to set security.yml like this

security:
encoders:
    Symfony\Component\Security\Core\User\User: plaintext
    FOS\UserBundle\Model\UserInterface: sha512

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
    fos_userbundle:
        id: fos_user.user_manager

firewalls:
    main:
        pattern:    ^/
        form_login:
            check_path: /login_check
            login_path: /login
            provider: fos_userbundle
            always_use_default_target_path: true
            default_target_path: /dashboard
        logout:
            path:   /logout
            target: /
        anonymous: ~
        #http_basic:
        #    realm: "Secured Demo Area"

access_control:
    - { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
    #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

But then I don't know what to set in config.yml this is my config.yml

 imports:
- { resource: parameters.yml }
- { resource: security.yml }

framework:
#esi:             ~
translator:       ~
secret:          %secret%
router:
    resource: "%kernel.root_dir%/config/routing.yml"
    strict_requirements: ~
form:            ~
csrf_protection: ~
validation:      { enable_annotations: true }
templating:
    engines: ['twig']
    #assets_version: SomeVersionScheme
default_locale:  "%locale%"
trusted_proxies: ~
session:         ~
fragments:       ~
http_method_override: true

# Twig Configuration
twig:
debug:            %kernel.debug%
strict_variables: %kernel.debug%

# Assetic Configuration
assetic:
debug:          %kernel.debug%
use_controller: false
bundles:        [ ]
#java: /usr/bin/java
filters:
    cssrewrite: ~
    #closure:
    #    jar: %kernel.root_dir%/Resources/java/compiler.jar
    #yui_css:
    #    jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar

# Doctrine Configuration
doctrine:
dbal:
    driver:   %database_driver%
    host:     %database_host%
    port:     %database_port%
    dbname:   %database_name%
    user:     %database_user%
    password: %database_password%
    charset:  UTF8
    # if using pdo_sqlite as your database driver, add the path in parameters.yml
    # e.g. database_path: %kernel.root_dir%/data/data.db3
    # path:     %database_path%

orm:
    auto_generate_proxy_classes: %kernel.debug%
    auto_mapping: true

# Swiftmailer Configuration
swiftmailer:
transport: %mailer_transport%
host:      %mailer_host%
username:  %mailer_user%
password:  %mailer_password%
spool:     { type: memory }
fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: main
user_class: Dashboard\UserBundle\Entity\User

and this is my controller

<?php

namespace Proposals\ProposalsBundle\Controller;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;

use Proposals\ProposalsBundle\Entity\Proposals;
use Proposals\ProposalsBundle\Form\ProposalsType;

/**
* Proposals controller.
*
*/
class ProposalsController extends Controller
{

/**
 * Lists all Proposals entities.
 *
 */
public function indexAction()
{
    $em = $this->getDoctrine()->getManager();

    $entities = $em->getRepository('ProposalsProposalsBundle:Proposals')->findAll();

    return $this->render('ProposalsProposalsBundle:Proposals:index.html.twig', array(
        'entities' => $entities,
    ));
}

When i open any page its not check either user is logged in or not.I want every page is secured through login if user logged in then every page open if user not logged in then page not show or redirect to login.any help appriciated

推荐答案

Every time the same, nobody bats an eye on the documentation. Wayne. But for your spamming you shouldn't get a answer, but this would be unfair ^^

security:
    firewalls:
        main:
            pattern: ^/
            # other settings
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }

其他推荐答案

for move to this URL localhost/QuickBacklog/web/app_dev.php/dashboard
you must add like this in the security.yml

firewalls:
        main:
            pattern:    ^/
            form_login:
                provider:             fos_userbundle
                default_target_path:  /dashboard/                
            logout:     
                ........
                invalidate_session: false
            anonymous: ~

In the routing file 

applicationlogin_success:
  pattern: /dashboard/
  defaults: { _controller: SampleBundle:Default:FrontPage }

BY USING default_target_path : ROUTING_PATTERN
u will redirect it...

上一篇:使用Bootstrap的自定义FOSUserBundle登录模板
下一篇:如何用symfony2(和fosUserBundle)在登录时动态地添加用户角色?
相关问答
  Symfony2的CRSF保护是如何工作的?
  Symfony2登录和安全
  Symfony2 AJAX登录
  .htaccess重定向除主页外的所有页面
  如何保护我的登录页面
  将验证码添加到Symfony2登录页面
  强制将除一个页面外的所有页面重定向到SSL
  htaccess将除一个页面外的所有页面从html重定向到php
  将除一个页面外的所有页面重定向至子域htaccess
  Symfony2 OAuth在提供令牌时一直给我一个登录页面
更多内容  更多相关问答
相关标签/搜索
security symfony csrf csrf-protection login php fosuserbundle apache .htaccess redirect