当尝试登录时,Symfony2告诉我,我提供了错误的凭据。第二次尝试工作。任何想法为什么会这样? 要重现这种行为,我必须注销,清除cookie,再次进入登录页面并再次登录。
我正在使用FOSUserBundle。
config.yml:
framework:
#esi: ~
secret: asdfsadfasdf
#translator: { fallback: en }
charset: UTF-8
router: { resource: "%kernel.root_dir%/config/routing.yml" }
form: true
csrf_protection: true
validation: { enable_annotations: true }
templating: { engines: ['twig'], assets_version: v1.2 } #assets_version: SomeVersionScheme
translator: { fallback: de }
session:
default_locale: de
auto_start: false
lifetime: 1000000
...
security.yml:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
fos_userbundle:
id: fos_user.user_manager
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/login$
security: false
public:
pattern: ^/.*
form_login:
provider: fos_userbundle
check_path: /login_check
remember_me: true
remember_me:
key: aaasfasdfasdfsadfsadf
lifetime: 1296000 #15 days in second
path: /
anonymous: true
logout: true
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY}
- { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY}
#- { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
- { path: ^/events/create, roles: ROLE_USER }
#...
acl:
connection: default
的routing.yml:
_imagine:
resource: .
type: imagine
_index:
resource: "@AjadoEventHubBundle/Controller/IndexController.php"
type: annotation
fos_comment_api:
type: rest
resource: "@FOSCommentBundle/Resources/config/routing.yml"
prefix: /api
fos_user_security:
resource: "@FOSUserBundle/Resources/config/routing/security.xml"
...
@ FOSUserBundle /资源/配置/路由/ security.xml文件:
<routes xmlns="http://symfony.com/schema/routing"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/routing http://symfony.com/schema/routing/routing-1.0.xsd">
<route id="fos_user_security_login" pattern="/login">
<default key="_controller">FOSUserBundle:Security:login</default>
</route>
<route id="fos_user_security_check" pattern="/login_check">
<default key="_controller">FOSUserBundle:Security:check</default>
</route>
<route id="fos_user_security_logout" pattern="/logout">
<default key="_controller">FOSUserBundle:Security:logout</default>
</route>
</routes>
答案 0 :(得分:2)
在我看来,这是您启用匿名身份验证时的预期行为:
答案 1 :(得分:1)
我不熟悉symfony,但是,当身份验证检查查找有效的cookie时,我遇到了同样的问题,但是在检查后创建了cookie - 从而导致它第二次通过,从不第一个。
答案 2 :(得分:1)
默认情况下,Symfony要求在提交表单
之前必须存在会话来自文档
# by default, a session must exist before submitting an authentication request # if false, then Request::hasPreviousSession is not called during authentication # new in Symfony 2.3
为了克服这个问题,你可以设置&#34; require_previous_session&#34;在&#34; security.yml&#34;中,(默认情况下为true)为false在&#34; form_login&#34;像这样: require_previous_session:false
您可以在以下链接中阅读Symfony文档中有关它的更多信息 SecurityBundle Configuration ("security")
答案 3 :(得分:0)
我遇到了这个问题,我按照Symfony 2 “Your session has timed out or you have disabled cookies”的答案解决了这个问题。
@AlterPHP是对的,你必须登录两次,因为你第一次收到这样的错误:
Authentication request failed. (...) Your session has timed out, or you have disabled cookies.
由于您没有启动会话,因此使用此请求会创建一个新会话。下次尝试登录时,您可以登录。
您必须在require_previous_session: false文件中设置选项app/config/security.yml,以避免查找上一个会话:
security:
firewalls:
main:
form_login:
require_previous_session: false