本文介绍了FOSUserBundle + HWIOAuth安全配置失败的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使FOSUserBundle和HWIOAuth一起工作以处理两种类型的用户的身份验证:代表和实习生.代表人员将开始使用HWIOAuth,并将使用Salesforce和内部FOSUserBundle.

I'm trying to get FOSUserBundle and HWIOAuth working together for handle the authentication of two types of users: representatives and interns. The representatives ones would begin using HWIOAuth and would use Salesforce and internal FOSUserBundle.

我正在尝试设置所有内容,但是遇到了问题,因为当我尝试访问/login-salesforce/admin路由时,Symfony会引发此错误.

I'm trying to set everything but I have problems because Symfony throws this error when I try to access the /login-salesforce or /admin routes.

这是security.yml文件的内容:

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_REPRESENTATIVE:        [ROLE_USER]
        ROLE_ADMIN:                 [ROLE_REPRESENTATIVE, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        #this is the secured area accessed through web browser and only internals are allowed to login
        admin_area:
            pattern:    ^/admin
            anonymous:    ~
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                login_path: /login
                check_path: /login_check
                post_only: true
                always_use_default_target_path: true
                target_path_parameter: _target_path
                use_referer: false
                failure_path: null
                failure_forward: false
            logout:
                path:   fos_user_security_logout
                target: /

        #this is the public area accessed by/from iOs app and only users registered at Salesforce as rep can login
        rep_area:
            methods: [GET, POST]
            pattern: ^/
            anonymous: true
            logout: true
            logout:
                path:   /logout
                target: /
            oauth:
                resource_owners:
                    salesforce: "/login/check-salesforce"
                login_path: /login
                failure_path: /login
                oauth_user_provider:
                    service: pdi_salesforce.oauth_user_provider

    access_control:
        - { path: ^/reptool, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_SUPER_ADMIN }

我认为,从HWIOAuth方面,我已进行了所有设置(可以共享,如果有人需要的话).这是routing.yml文件的内容:

From HWIOAuth side I got everything setup, I think (can share if needed by someone). This is the content of routing.yml file:

#HWIOAuthBundle
hwi_oauth_redirect:
    resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
    prefix:   /connect

hwi_oauth_login:
    resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
    prefix:   /login

salesforce_login:
    pattern: /login/check-salesforce

#PDOne
pd_one:
    resource: "@PDOneBundle/Controller/"
    type:     annotation
    prefix:   /

template:
    resource: "@TemplateBundle/Controller/"
    type:     annotation
    prefix:   /

#FOSUserBundle
fos_user:
    resource: "@FOSUserBundle/Resources/config/routing/all.xml"

#SonataAdmin
admin:
    resource: '@SonataAdminBundle/Resources/config/routing/sonata_admin.xml'
    prefix: /admin

_sonata_admin:
    resource: .
    type: sonata_admin
    prefix: /admin

我还想念什么?这里有没有人可以让这两个一起工作,并可以分享他们的工作来完成它?

What else I am missing? Does any here get those two working together and can share their work to get it done?

推荐答案

问题在这里

admin_area:
        pattern:    ^/admin
        anonymous:    ~
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            login_path: /admin/login
            check_path: /admin/login_check
            post_only: true
            always_use_default_target_path: true
            target_path_parameter: _target_path
            use_referer: false
            failure_path: null
            failure_forward: false
        logout:
            path:   fos_user_security_logout
            target: /

login_pathcheck_path需要在前面具有/admin.

这篇关于FOSUserBundle + HWIOAuth安全配置失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

06-13 23:42