我试图限制对ROLE_USER的/路径的访问,但是当它一次重定向到登录页面时,它会继续这样做,而我得到了: ERR_TOO_MANY_REDIRECTS
这是我的security.yaml:
security:
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: true
guard:
authenticators:
- App\Security\UserAuthenticator
form_login: true
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }
- { path: ^/, roles: ROLE_USER }
# - { path: ^/profile, roles: ROLE_USER }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
这是我的SecurityController:
/**
* @Route("/login", name="app_login")
*/
public function login(AuthenticationUtils $authenticationUtils): Response
{
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
return $this->render('security/login.html.twig', ['last_username' => $lastUsername, 'error' => $error]);
}
答案 0 :(得分:0)
我必须将其添加到security.yml中:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }