symfony-security

TraceableFirewallListener extremely long loading time

你说的曾经没有我的故事 submitted on 2020-06-27 06:05:34
Question: In one of my Symfony projects I've been running into huge performance issues lately, where the performance issue seems to lie behind "Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener", precisely in the "Symfony\Component\Security\Http\Firewall\ContextListener". Below are screenshots from my development server and the live server - server specifications are meeting the requirements and I'm absolutely sure the issue does not lie behind the server, as other projects have been

Custom message for @Security annotation

一世执手 submitted on 2020-01-12 07:48:06
Question: I'm trying to use @Security annotations for my routes. Like this:

    /**
     * @return Response
     * @Route("/action")
     * @Security("has_role('ROLE_USER')")
     * @Template()
     */
    public function someAction()
    {
        return array();
    }

When the security restriction fires an exception, I get the message Expression "has_role('ROLE_USER')" denied access. This is not acceptable to be shown to the end user, so I'm trying to find a way to customize the message for annotation. Simple workaround is to not use @Security

Redirect after login in Symfony 2

别来无恙 submitted on 2020-01-11 20:56:34
Question: In Symfony 2 you can set up a target for the logout so that after logout you will be redirected to /main. However with the login you will be redirected to /. Is there a manner to set up a target for a (successful) login as well?

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/m/login$
            security: false
        secured_area:
            pattern: ^/m
            form_login:
                check_path: /m/login_check
                login_path: /m/login
            logout:
                path: /m/logout
                target: /main
            anonymous: ~

Answer 1: Yes.

Redirect after login in Symfony 2

旧巷老猫 submitted on 2020-01-11 20:56:30
Question: In Symfony 2 you can set up a target for the logout so that after logout you will be redirected to /main. However with the login you will be redirected to /. Is there a manner to set up a target for a (successful) login as well?

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/m/login$
            security: false
        secured_area:
            pattern: ^/m
            form_login:
                check_path: /m/login_check
                login_path: /m/login
            logout:
                path: /m/logout
                target: /main
            anonymous: ~

Answer 1: Yes.

Passing object to custom voter?

六月ゝ 毕业季﹏ submitted on 2020-01-02 11:48:11
Question: I've been reading up about creating custom voters in Symfony 2. According to this page, it is possible to pass an object to the isGranted method of the securitycontext, which I have done in my own controller:

    $page = new Page();
    if ( ! $securityContext->isGranted('CONTENT_CREATE', $page)) {
        throw new AccessDeniedException('Fail');
    }

It looks like the vote method should be accepting it, however, when I call get_class on the $object parameter, instead of getting my Page entity, I get: Symfony

Passing object to custom voter?

試著忘記壹切 submitted on 2020-01-02 11:48:01
Question: I've been reading up about creating custom voters in Symfony 2. According to this page, it is possible to pass an object to the isGranted method of the securitycontext, which I have done in my own controller:

    $page = new Page();
    if ( ! $securityContext->isGranted('CONTENT_CREATE', $page)) {
        throw new AccessDeniedException('Fail');
    }

It looks like the vote method should be accepting it, however, when I call get_class on the $object parameter, instead of getting my Page entity, I get: Symfony

Get current url within security.yml

馋奶兔 submitted on 2019-12-25 04:07:11
Question: In my requirement, a user receives an email with a url; once he clicks, the user will be navigated to the url via an authentication process. So to redirect the user to the clicked url I am using the method mentioned here (Pass parameters when redirect) where I intend to pass the redirect url as a parameter like login_path: %accounts_host%/signin?redirect=%need_current_url_here% within the security.yml and capture as such $url=$_GET['redirect']; and provide the redirection accordingly. My query

Symfony2 security: Multiple providers

血红的双手。 submitted on 2019-12-23 09:34:47
Question: I have 2 bundles in my project:

    src/Korea/AlmacenBundle
    src/Galvez/RepuestosBundle

Each with their own database:

    korea_motos -> AlmacenBundle
    galvez_motos -> RepuestosBundle

Actually my security.yml has only one provider:

    providers:
        korea:
            entity: { class: Korea\AlmacenBundle\Entity\Usuario, property: username }

As you can see, both bundles are authenticated by the same table: Usuario, in korea_motos

    TABLE: Usuario (korea_motos database)
    --ID--|----USERNAME----|---------BUNDLE---
    -----1-----|-

Symfony2 - set security access_control to allow only authenticated anonymously

这一生的挚爱 submitted on 2019-12-22 06:53:11
Question: Let's say I have my access_control block under the security.yml:

    access_control:
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/reset-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }

In this case everyone is allowed to enter homepage and reset-password pages. But I would like to allow these pages only for users authenticated anonymously. Fully authenticated users should get a 403 access denied error or 404 page not found. According to the documentation, with allow_if I should be

How to check if a user is logged in Symfony2 inside a controller?

有些话、适合烂在心里 submitted on 2019-12-17 04:14:45
Question: I read here how to check the login status of a user inside a twig template for a Symfony2-based website. However, I need to know how to check if the user is logged in from inside a controller. I was quite sure the following code was right: $user = $this->get('security.context')->getToken()->getUser(); but it always returns something, e.g. a logged user or an anonymous user. Any idea? Thanks in advance. Answer 1: Warning: Checking for 'IS_AUTHENTICATED_FULLY' alone will return false if the