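"Bad Credentials" error in a traditional login form

Time: 2014-01-28 06:53:13

Tags: php security symfony doctrine

I am new to Symfony and am trying to develop a login application with the help of the Symfony docs. However, I am getting an error on the submit event, as shown below: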

exception 'Symfony\Component\Security\Core\Exception\BadCredentialsException' with message 'Bad credentials' in D:\xampp\htdocs\LoginProject\vendor\symfony\symfony\src\Symfony\Component\Security\Core\Authentication\Provider\UserAuthenticationProvider.php:90
Stack trace:
#0 D:\xampp\htdocs\LoginProject\app\cache\dev\classes.php(3366): session_start()
#1 D:\xampp\htdocs\LoginProject\app\cache\dev\classes.php(3444): Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage->start()
#2 D:\xampp\htdocs\LoginProject\app\cache\dev\classes.php(3190): Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage->getBag('attributes')
#3 D:\xampp\htdocs\LoginProject\vendor\symfony\symfony\src\Symfony\Component\Security\Http\Firewall\ContextListener.php(76): Symfony\Component\HttpFoundation\Session\Session->get('_security_secur...')
#4 D:\xampp\htdocs\LoginProject\app\cache\dev\classes.php(4644): Symfony\Component\Security\Http\Firewall\ContextListener->handle(Object(Symfony\Component\HttpKernel\Event\GetResponseEvent))
#5 [internal function]: Symfony\Component\Security\Http\Firewall->onKernelRequest(Object(Symfony\Component\HttpKernel\Event\GetResponseEvent), 'kernel.request', Object(Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher))
#6 D:\xampp\htdocs\LoginProject\vendor\symfony\symfony\src\Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher.php(392): call_user_func(Array, Object(Symfony\Component\HttpKernel\Event\GetResponseEvent), 'kernel.request', Object(Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher))
#7 [internal function]: Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher->Symfony\Component\HttpKernel\Debug\{closure}(Object(Symfony\Component\HttpKernel\Event\GetResponseEvent), 'kernel.request', Object(Symfony\Component\EventDispatcher\ContainerAwareEventDispatcher))
#8 D:\xampp\htdocs\LoginProject\app\cache\dev\classes.php(2903): call_user_func(Object(Closure), Object(Symfony\Component\HttpKernel\Event\GetResponseEvent), 'kernel.request', Object(Symfony\Component\EventDispatcher\ContainerAwareEventDispatcher))
#9 D:\xampp\htdocs\LoginProject\app\cache\dev\classes.php(2836): Symfony\Component\EventDispatcher\EventDispatcher->doDispatch(Array, 'kernel.request', Object(Symfony\Component\HttpKernel\Event\GetResponseEvent))
#10 D:\xampp\htdocs\LoginProject\app\cache\dev\classes.php(3000): Symfony\Component\EventDispatcher\EventDispatcher->dispatch('kernel.request', Object(Symfony\Component\HttpKernel\Event\GetResponseEvent))
#11 D:\xampp\htdocs\LoginProject\vendor\symfony\symfony\src\Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher.php(139): Symfony\Component\EventDispatcher\ContainerAwareEventDispatcher->dispatch('kernel.request', Object(Symfony\Component\HttpKernel\Event\GetResponseEvent))
#12 D:\xampp\htdocs\LoginProject\app\bootstrap.php.cache(2900): Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher->dispatch('kernel.request', Object(Symfony\Component\HttpKernel\Event\GetResponseEvent))
#13 D:\xampp\htdocs\LoginProject\app\bootstrap.php.cache(2883): Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object(Symfony\Component\HttpFoundation\Request), 1)
#14 D:\xampp\htdocs\LoginProject\app\bootstrap.php.cache(3022): Symfony\Component\HttpKernel\HttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#15 D:\xampp\htdocs\LoginProject\app\bootstrap.php.cache(2303): Symfony\Component\HttpKernel\DependencyInjection\ContainerAwareHttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#16 D:\xampp\htdocs\LoginProject\web\app_dev.php(28): Symfony\Component\HttpKernel\Kernel->handle(Object(Symfony\Component\HttpFoundation\Request))
#17 {main}

Please see the code below.

Security.yml

   secured_area:
        pattern:    ^/
        anonymous: ~
        form_login:
            check_path: /login_check
            login_path: login_login_homepage

        logout:
            path:   login_login_logout
            target: /
            invalidate_session:   true

        #anonymous: ~
        #http_basic:
        #    realm: "Secured Demo Area"

access_control:
    #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
     - { path: ^/admin/users, roles: ROLE_SUPER_ADMIN }
     - { path: ^/admin, roles: ROLE_ADMIN }
     - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
     - { path: /user, roles: ROLE_USER }
     - { path: /.*, roles: IS_AUTHENTICATED_ANONYMOUSLY }

routing.yml

login_login_homepage:
    pattern:  /login
    defaults: { _controller: LoginLoginBundle:Default:login }

check_login:
    pattern: /login_check

DefaultController.php

public function loginAction(Request $request){
         $session = $request->getSession();

       if($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)){
           $error = $request->attributes->get(
                SecurityContext::AUTHENTICATION_ERROR
           );
       }else{
           $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
           $session->remove(SecurityContext::AUTHENTICATION_ERROR);
       }


       $login = $this->check_loginAction($request->get('username'),$request->get('password'));
       if($login){
           return $this->render(
                'LoginLoginBundle:Default:Login.html.twig',
                array(
                    'last_username'=>$session->get(SecurityContext::LAST_USERNAME)
                )
        );
       }else{
        return $this->render(
                'LoginLoginBundle:Default:Login.html.twig',
                array(
                    'last_username'=>'Error',
                    'error'=>$error,
                )
        );
      }
    }

    public function check_loginAction($username,$password){

            $em = $this->getDoctrine()->getManager();
            $respondary = $em->getRepository('LoginLoginBundle:Login');

            $login = $respondary->findOneBy(array('user' => $username, 'pass' => $password));
            if($login){
                return true;
            }else{
                return false;
                //$this->render('LoginLoginBundle:Default:Login.html.twig', array('error' => 'Login Failed'));
            }

    }

Please help me.

2 answers:

Answer 0: (score: 2)

You entered a wrong username or password. Check the username and password in security.yml:

providers:
    in_memory:
        memory:
            users:
                ryan:  { password: ryanpass, roles: 'ROLE_USER' }
                admin: { password: kitten, roles: 'ROLE_ADMIN' }

Answer 1: (score: 1)

You don't need to implement check_loginAction; Symfony2 will take care of it.

So, in the controller, loginAction would look like:

public function loginAction(Request $request)
    {
        $session = $request->getSession();

        // get the login error if there is one
        if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
            $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
        } else {
            $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
            $session->remove(SecurityContext::AUTHENTICATION_ERROR);
        }

        return $this->render('LoginLoginBundle:Default:Login.html.twig', array(
            // last username entered by the user
            'last_username' => $session->get(SecurityContext::LAST_USERNAME),
            'error'         => $error,
        ));
    }

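The most important thing is to make sure you set the correct provider; it should point to the User class you have implemented. For example, suppose the User class in your LoginLoginBundle is located in Acme\Bundle. The provider should then be set as follows: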

providers:
        main:
          entity: { class: Acme\Bundle\LoginLoginBundle\Entity\User, property: username }

Finally, you should make sure that role_hierarchy is set to match the role names in your Role class:

role_hierarchy:
        YourRoleName1: [ROLE_USER, ROLE_ADMIN, ROLE_SUPERADMIN]
        YourRoleName2: [ROLE_USER, ROLE_ADMIN]
        YourRoleName3: ROLE_USER
        YourRoleName4: ROLE_USER
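
A sketch of the User class that the entity provider in answer 1 points to, as an added example that is not part of either answer or of the asker's project. It stores a bcrypt hash rather than the plaintext `pass` column the question's `findOneBy` call matches against. The table name, column sizes, the fixed `ROLE_USER` role and the `encoders` entry quoted in the first comment are assumptions.

```php
<?php
// Added example; assumes this security.yml entry so that Symfony compares
// hashes instead of plaintext:
//   encoders:
//       Acme\Bundle\LoginLoginBundle\Entity\User: { algorithm: bcrypt, cost: 12 }
namespace Acme\Bundle\LoginLoginBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;

// Table name and column sizes are assumptions.
/** @ORM\Entity @ORM\Table(name="app_user") */
class User implements UserInterface, \Serializable
{
    /** @ORM\Id @ORM\Column(type="integer") @ORM\GeneratedValue */
    private $id;

    /** @ORM\Column(type="string", length=64, unique=true) */
    private $username;

    /** @ORM\Column(type="string", length=60) */
    private $password; // bcrypt hash, never the plaintext

    public function getUsername() { return $this->username; }
    public function getPassword() { return $this->password; }
    public function getSalt() { return null; } // bcrypt embeds its own salt
    public function getRoles() { return array('ROLE_USER'); } // fixed role (assumption)
    public function eraseCredentials() {} // no plaintext is stored on the object

    public function setUsername($username) { $this->username = $username; }

    // $hash comes from the configured encoder, e.g. in a controller:
    //   $encoder = $this->get('security.encoder_factory')->getEncoder($user);
    //   $user->setPassword($encoder->encodePassword($plain, $user->getSalt()));
    public function setPassword($hash) { $this->password = $hash; }

    // Only these fields are stored in the session between requests.
    public function serialize()
    {
        return serialize(array($this->id, $this->username, $this->password));
    }

    public function unserialize($serialized)
    {
        list($this->id, $this->username, $this->password) = unserialize($serialized);
    }
}
```

With this class and the entity provider in place, the form_login listener loads the user by `username` and verifies the submitted password against the stored hash, so the controller never queries by password.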