时间戳

首页 > 解决方案 > Symfony 4 - 两个防火墙导致 ERR_TOO_MANY_REDIRECTS

php - Symfony 4 - 两个防火墙导致 ERR_TOO_MANY_REDIRECTS

问题描述

我写这篇文章是因为之前对使用多个防火墙导致 Symfony 2 中的 ERR_TOO_MANY_REDIRECTS 的答案没有帮助。“主”防火墙似乎工作得很好,“管理员”是导致问题的一个。每次我尝试输入路径“ http://localhost:8000/admin ”时,它都会重定向到“ http://localhost:8000/admin_login ”,但会进入重定向循环并因上述错误而崩溃。

安全.yaml

security:
encoders:
    App\Entity\User:
        algorithm: bcrypt
    Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN
providers: 
    chain_provider:
            chain:
                providers: [in_memory, db_provider]
    in_memory:
        memory:
            users:
               theadmin:
                    password: iamadmin
                    roles: 'ROLE_SUPER_ADMIN'
    db_provider:
        entity:
            class: App\Entity\User
            property: email
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    admin:
        pattern: /admin
        anonymous: ~

        form_login: 
            username_parameter: _username
            login_path: /admin_login
            check_path: /admin_login
            provider: in_memory
            default_target_path: admin

        logout:
            path: /admin_logout
            target: /


    main:
        pattern: /
        anonymous: ~

        form_login: 
            username_parameter: _email
            login_path: /login
            check_path: /login
            provider: db_provider
            default_target_path: welcome

        logout:
            path: /logout
            target: /
access_control:
- { path: ^/welcome, roles: ROLE_USER }
- { path: ^/admin, roles: ROLE_SUPER_ADMIN }
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin_login, roles: IS_AUTHENTICATED_ANONYMOUSLY }

AdminSecurityController.php

namespace App\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;

class AdminSecurityController extends AbstractController
{
    /**
     * @Route("/admin_login", name="admin_login")
     */

    public function admin_login(Request $request, AuthenticationUtils $utils)
    {
        $error = $utils->getLastAuthenticationError();

        $auth_checker = $this->get('security.authorization_checker');

        if ($auth_checker->isGranted('ROLE_SUPER_ADMIN')) {
            return $this->render('admin/dashboard.html.twig', [
                'controller_name' => 'AdminController',
            ]);
                } else{
                    return $this->render('admin_security/admin_login.html.twig', [
                        'error' => $error
                    ]);
        }
    }

    /**
     * @Route("/admin_logout", name="admin_logout")
     */

    public function admin_logout()
    {

    }
}

标签: phpsymfonysymfony4

解决方案

访问控制条目从上到下进行分析。因此,您需要将^/admin_login条目放在^/admin.

想象一下当前如何设置安全组件:

  1. 您访问登录表单,然后按提交
  2. 您(来宾)被重定向到/admin_login路径
  3. 安全组件遍历条目并将/admin _login 与^/admin条目匹配
  4. 因为它需要ROLE_SUPER_ADMIN,所以你最终会出现一个循环

记得之后清除缓存。

推荐阅读