Symfony: Firewalls, Multiple Login Forms

I'm not new to Symfony, but I always used FOSUserBundle, which by default prevents using two different login forms to authenticate two different types of users.

I have two entities, one is Admins and the other is Users. Administrators can only register in the administration area, and users can only log in through the interface.

I followed http://symfony.com/doc/2.1/book/security.html, which also led me to http://symfony.com/doc/2.1/cookbook/security/entity_provider.html

My security.yml:

    jms_security_extra:
        secure_all_services: false
        expressions: true

    security:
        encoders:
            Symfony\Component\Security\Core\User\User: sha512
            Fm\AdminBundle\Entity\Admins: sha512
            Fm\MainBundle\Entity\Users: sha512

        role_hierarchy:
            ROLE_ADMIN: ROLE_USER
            ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

        providers:
            chain_provider:
                chain:
                    providers: [in_memory, admin]
            in_memory:
                memory:
                    users:
                        user: { password: userpass, roles: [ 'ROLE_USER' ] }
                        admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
            admin:
                entity: { class: Fm\AdminBundle\Entity\Admins, property: username }

        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
                anonymous: true
            alogin:
                pattern: ^/admin/login
                security: false
            login:
                pattern: ^/login
                security: false
            secured_area:
                pattern: ^/admin
                anonymous: false
                provider: chain_provider
                switch_user: true
                form_login:
                    check_path: /admin/login_check
                    login_path: /admin/login
                logout:
                    path: /admin/logout
                    target: /admin
            members_area:
                pattern: ^/
                anonymous: false
                form_login: ~
                logout:
                    path: /logout
                    target: /
                #anonymous: ~
                #http_basic:
                #    realm: "Secured Demo Area"

        access_control:
            - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/admin/, roles: ROLE_ADMIN }

In my routes, I defined the routes as in the docs (by default for /admin/login and /admin/login_check, due to my main routing include where the /admin prefix is set):

    _admin_login:
        pattern: /login
        defaults: { _controller: FmAdminBundle:Security:login }

    _admin_login_check:
        pattern: /login_check

The error I get in the browser:

Unable to find the controller for path "/admin/login_check". Maybe you forgot to add the matching route in your routing configuration?

The stack trace tells me: WARNING - Unable to look for the controller as the "_controller" parameter is missing

AND

ERROR - Symfony\Component\HttpKernel\Exception\NotFoundHttpException: Unable to find the controller for path "/admin/login_check". Maybe you forgot to add the matching route in your routing configuration? (uncaught exception) at /var/www/mysite.dev/symfony/app/bootstrap.php.cache line 1419

+6
2 answers

To implement multiple login in symfony 2XX, try the following code

security.yml

    security:
        encoders:
            Symfony\Component\Security\Core\User\User: plaintext
            Company\AngularBundle\Entity\User: plaintext
            Company\AngularBundle\Entity\Admin: plaintext

        role_hierarchy:
            ROLE_ADMIN: ROLE_USER
            ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

        providers:
            users:
                entity: { class: CompanyAngularBundle:User, property: username }
            admin:
                entity: { class: CompanyAngularBundle:Admin, property: username }

        firewalls:
            admin_secured_area:
                pattern: ^/admin
                anonymous: ~
                provider: admin
                form_login:
                    login_path: /admin/login
                    check_path: /admin/login_check
                    default_target_path: /admin
            user_secured_area:
                pattern: ^/
                anonymous: ~
                provider: users
                form_login:
                    login_path: login
                    check_path: login_check
                    default_target_path: /home

routing.yml

    login_check:
        path: /login_check

    admin_login_check:
        path: /admin/login_check

Twig file

The action of the login form should be like this:

    <form action="{{ path('login_check') }}" method="post">

The action of the admin/login form should be like this:

    <form action="{{ path('admin_login_check') }}" method="post">

+8

The problem is that after logging in to the "secured_area" firewall, you are redirected to "/", which is behind the "members_area" firewall. You cannot access "members_area" with your credentials from "secured_area" (at least not by default). Read more at http://symfony.com/doc/current/reference/configuration/security.html#reference-security-firewall-context.

If you look at the security configuration (http://symfony.com/doc/current/reference/configuration/security.html), you will see that the default target_path for form_login is "/". Just change this to /admin:

    security:
        ...
        firewalls:
            ...
            secured_area:
                pattern: ^/admin
                ...
                form_login:
                    check_path: /admin/login_check
                    login_path: /admin/login
                    default_target_path: /admin
                logout:
                    ...

An alternative is context sharing, as described in the first link (http://symfony.com/doc/current/reference/configuration/security.html#reference-security-firewall-context).

+1
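
An added example, not part of the original question or answers: Symfony hands each request to the first firewall whose pattern matches, and a firewall with `security: false` runs no authentication listeners, so a `check_path` that resolves to such a firewall is never intercepted by `form_login`. The script below replays the question's firewall list in declaration order and reports which firewall each path lands in; the tuple layout and function names are this example's own, and `/login_check` for `members_area` is the `form_login` default.

```python
import re

# Firewalls from the question's security.yml, in declaration order.
# Tuple layout (this example's own): (name, pattern, security_enabled, check_path).
FIREWALLS = [
    ("dev", r"^/(_(profiler|wdt)|css|images|js)/", False, None),
    ("alogin", r"^/admin/login", False, None),
    ("login", r"^/login", False, None),
    ("secured_area", r"^/admin", True, "/admin/login_check"),
    # form_login: ~ keeps the default check_path, /login_check
    ("members_area", r"^/", True, "/login_check"),
]


def match_firewall(path, firewalls=FIREWALLS):
    """Return the first firewall whose pattern matches the path.

    re.search mirrors the unanchored preg_match Symfony applies to the path.
    """
    for fw in firewalls:
        if re.search(fw[1], path):
            return fw
    return None


def audit(firewalls=FIREWALLS):
    """List check_paths that are matched first by a different firewall."""
    findings = []
    for name, _pattern, _enabled, check_path in firewalls:
        if check_path is None:
            continue
        hit = match_firewall(check_path, firewalls)
        if hit is None or hit[0] != name:
            owner = hit[0] if hit else "no firewall"
            active = hit[2] if hit else False
            findings.append((name, check_path, owner, active))
    return findings


if __name__ == "__main__":
    for path in ("/admin/login", "/admin/login_check", "/admin", "/login_check", "/"):
        fw = match_firewall(path)
        print(f"{path:20} -> {fw[0]} (security: {'on' if fw[2] else 'off'})")
    for name, check_path, owner, active in audit():
        state = "on" if active else "off"
        print(f"{name}: check_path {check_path} is matched first by {owner} (security: {state})")
```

Run against the first answer's configuration (only `^/admin` and `^/`, no `security: false` login firewalls), the same audit returns no findings.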