[symfony-users] no user-token after login
hi,
i have no access to the user-token when i calling the 'security.context'. the
logger says that a user has logged in successfully and there are also data in
the session.
my config:
security:
encoders:
users:
class: Project\UserBundle\Entity\User
algorithm: plaintext
providers:
default:
entity: { class: UserBundle:User }
firewalls:
default:
pattern: /backend.*
login_check:
pattern: /login_check
security: true
anonymous: true
form_login: true
login:
pattern: /login
security: true
anonymous: true
ROLE_ADMIN: ROLE_USER
ROLE_SUPERADMIN : ROLE_ADMIN
access_control:
- { path: /backend.*, role: ROLE_USER }
- { path: /login_check, role: IS_AUTHENTICATED_ANONYMOUSLY }
thx for your help
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] no user-token after login
Le 22/02/2011 16:52, Florian Semm a écrit : hi, i have no access to the user-token when i calling the 'security.context'. the logger says that a user has logged in successfully and there are also data in the session The context is not shared between the different firewalls by default so you have to use the same firewall for the login and the securized part. So you will only use one firewall unless you want separate authentications on the frontend and the backend. The firewall is about *authentication* (knowing who your user is) not about authorization. The authorization work has to be done with the access control map, not with the pattern of the firewall. -- Christophe | Stof -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] no user-token after login
i have modifiyed my config. i think is nearly the same to your config.
security:
encoders:
users:
class: Project\UserBundle\Entity\User
algorithm: plaintext
providers:
default:
entity: { class: UserBundle:User }
firewalls:
backend:
pattern: /.*
form-login:
login_path: /login
check_path: /login_check
logout: true
provider: default
anonymous: true
access_control:
- { path: /backend/.*, role: ROLE_USER }
the login/session-data is still okay, but the security.context stores an
anoymous-token again.
Original-Nachricht
> Datum: Tue, 22 Feb 2011 17:06:28 +0100
> Von: Christophe COEVOET
> An: symfony-users@googlegroups.com
> Betreff: Re: [symfony-users] no user-token after login
> Le 22/02/2011 16:52, Florian Semm a écrit :
> > hi,
> >
> > i have no access to the user-token when i calling the
> 'security.context'. the logger says that a user has logged in successfully
> and there are also
> data in the session
> The context is not shared between the different firewalls by default so
> you have to use the same firewall for the login and the securized part.
> So you will only use one firewall unless you want separate
> authentications on the frontend and the backend.
>
> The firewall is about *authentication* (knowing who your user is) not
> about authorization. The authorization work has to be done with the
> access control map, not with the pattern of the firewall.
>
> --
> Christophe | Stof
>
> --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com
>
> You received this message because you are subscribed to the Google
> Groups "symfony users" group.
> To post to this group, send email to symfony-users@googlegroups.com
> To unsubscribe from this group, send email to
> symfony-users+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/symfony-users?hl=en
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
