Symfony does not redirect to login on AccessDeniedException

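Problem description

In a Symfony (3.4) project, an AccessDeniedException does not redirect to the login path. Normally in a Symfony project, if the user is not authenticated, it redirects to the login URL. Is there anything that needs to be done in the configuration?

Below is my security.yml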

security:
    access_denied_url: /oauth/v2/auth/login
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext

        Walkingspree\APIAuthBundle\Security\WebserviceUser:
            algorithm: md5
            iterations: 1
            encode_as_base64: false

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
    providers:
        in_memory:
            memory: ~

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        oauth_token:
            pattern:  ^/oauth/v2/token
            security: false

        oauth_authorize:
            pattern:   ^/oauth/v2/auth
            anonymous: true
            stateless: false
            #form_login:
            #    provider: walkingspree_members
            #    login_path: /oauth/v2/auth/login
            #    check_path: /oauth/v2/auth/login/check
            logout:
                path:   /oauth/logout
                target: /

        register:
            pattern:  ^/service/register
            security: false

        resetpw:
            pattern:  ^/service/account/password/reset
            security: false

        site:
            pattern:   ^/service/
            fos_oauth: true
            stateless: true
            # activate different ways to authenticate

            # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
            #http_basic: ~

            # https://symfony.com/doc/current/security/form_login_setup.html

    access_control:
        - { path: ^/api, roles: ROLE_USER }        #form_login: ~
#        { path: ^/auth/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }

Thank you.

[2018-10-11 12:52:55] request.INFO: Matched route "fos_oauth_server_authorize". {"route":"fos_oauth_server_authorize","route_parameters":{"_controller":"fos_oauth_server.controller.authorize:authorizeAction","_route":"fos_oauth_server_authorize"},"request_uri":"http://localhost/oauth/v2/auth?client_id=3_5m8giw18bkowccck8k0s8gwooockscgskkkwscsgcgsosogog0&redirect_uri=https%3A%2F%2Fapi.walkingspree.com%2FNaS&response_type=code","method":"GET"} []
[2018-10-11 12:52:55] security.INFO: Populated the TokenStorage with an anonymous Token. [] []

[2018-10-11 12:52:55] event.DEBUG: Notified event "kernel.controller_arguments" to listener "Sensio\Bundle\FrameworkExtraBundle\EventListener\IsGrantedListener::onKernelControllerArguments". {"event":"kernel.controller_arguments","listener":"Sensio\\Bundle\\FrameworkExtraBundle\\EventListener\\IsGrantedListener::onKernelControllerArguments"} []
[2018-10-11 12:52:55] security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): This user does not have access to this section. at /srv/com.walkingspree.api/vendor/friendsofsymfony/oauth-server-bundle/Controller/AuthorizeController.php:157)"} []
[2018-10-11 12:52:55] request.CRITICAL: Uncaught PHP Exception Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException: "Full authentication is required to access this resource." at /srv/com.walkingspree.api/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php line 126 {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\InsufficientAuthenticationException(code: 0): Full authentication is required to access this resource. at /srv/com.walkingspree.api/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php:126, Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): This user does not have access to this section. at /srv/com.walkingspree.api/vendor/friendsofsymfony/oauth-server-bundle/Controller/AuthorizeController.php:157)"} []

Tags: symfony-3.4, php-7.2

Solution
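
An added example, not part of the original post: in the log above the ExceptionListener re-throws InsufficientAuthenticationException, which in Symfony 3.4 is what happens when the matched firewall has no authentication entry point, and `access_denied_url` only applies to users who are already fully authenticated. The fragment below re-enables the commented-out `form_login` block on the `oauth_authorize` firewall so that it has an entry point. It assumes a `walkingspree_members` user provider (the name comes from the commented-out lines) is defined under `providers`, which the posted file does not show.

```yaml
# Added example, not the poster's file: only the keys relevant to the
# redirect are shown; everything else in security.yml stays as posted.
security:
    # Consulted when a fully authenticated user is denied access.
    # Anonymous users are sent to the firewall's entry point instead.
    access_denied_url: /oauth/v2/auth/login

    firewalls:
        oauth_authorize:
            pattern:   ^/oauth/v2/auth
            anonymous: true
            stateless: false
            # form_login registers an authentication entry point for this
            # firewall, so an anonymous AccessDeniedException is turned into
            # a redirect to login_path instead of an uncaught exception.
            form_login:
                # Assumption: this provider must exist under "providers";
                # the posted file only defines in_memory.
                provider: walkingspree_members
                login_path: /oauth/v2/auth/login
                check_path: /oauth/v2/auth/login/check
            logout:
                path:   /oauth/logout
                target: /
```

Both `login_path` and `check_path` fall under the firewall's `^/oauth/v2/auth` pattern, which `form_login` requires in order to intercept the login submission.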

