I'm having trouble getting authentication to work, but it only appears to happen in very specific circumstances. Authentication is done via a third party API, so I've written my own user provider class, and inside that class is some code that syncs data between the API and Symfony. As part of that syncing process it determines which roles the user should have. After doing this it sets up the relationships between the roles and user via a ManyToMany relationship.
The getRoles() method in my User object gets the role objects out of the database and turns them into an array of strings. The role names come from my database and all start with ROLE_.
If I log in with an account that should have no extra roles it works fine, but if I log in to an account that should have roles I just get sent back to the login screen with no error message.
I've checked the log and saw these entries:
security.INFO: User "test105@example.com" has been authenticated successfully [] []
event.DEBUG: Notified event "security.interactive_login" to listener "Pogo\MyBundle\Listener\LoginListener::onSecurityInteractivelogin". [] []
event.DEBUG: Listener "Symfony\Component\Security\Http\Firewall::onKernelRequest" stopped propagation of the event "kernel.request". [] []
event.DEBUG: Listener "Symfony\Bundle\FrameworkBundle\EventListener\RouterListener" was not called for event "kernel.request". [] []
event.DEBUG: Listener "Symfony\Bundle\AsseticBundle\EventListener\RequestListener" was not called for event "kernel.request". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\Security\Http\Firewall\ContextListener::onKernelResponse". [] []
security.DEBUG: Write SecurityContext in the session [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ResponseListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bundle\SecurityBundle\EventListener\ResponseListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bridge\Monolog\Handler\FirePHPHandler::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Sensio\Bundle\FrameworkExtraBundle\EventListener\CacheListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bundle\WebProfilerBundle\EventListener\WebDebugToolbarListener::onKernelResponse". [] []
event.DEBUG: Notified event "kernel.request" to listener "Symfony\Bundle\FrameworkBundle\EventListener\RouterListener::onEarlyKernelRequest". [] []
event.DEBUG: Notified event "kernel.request" to listener "Symfony\Bundle\FrameworkBundle\EventListener\SessionListener::onKernelRequest". [] []
event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\Security\Http\Firewall::onKernelRequest". [] []
security.INFO: Populated SecurityContext with an anonymous Token [] []
event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
security.DEBUG: Access denied (user is not fully authenticated); redirecting to authentication entry point [] []
security.DEBUG: Calling Authentication entry point [] []
I don't understand how it can be authenticated at the top, then as soon as it checks the firewall it finds itself with an anonymous token, which is presumably why it sends me back to the login screen.
My firewall / access_control settings are:
firewalls:
    public:
        pattern: /.*
        anonymous: true
        tessitura_login:
            login_path: /account/login
            check_path: /secure/login_check
        logout:
            path: /secure/logout
            target: /
access_control:
    - { path: ^/secure/.*, role: ROLE_USER }
    - { path: ^/admin.*, role: ROLE_ADMIN }
    - { path: ^/account/login/?, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: /.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
Any help with this would be massively appreciated, I've spent a few hours on this now and am completely stumped.
I got this silent failure when I was using a phone number as the username and didn't specify the username property in the refreshUser() method, which should be:
public function refreshUser(UserInterface $customer)
{
    $class = get_class($customer);
    if( !$this->supportsClass($class) ) {
        throw new UnsupportedUserException("Instances of \"{$class}\" are not supported");
    }
    return $this->loadUserByUsername($customer->getPhoneNumber()); // <-- This is it!
}
I think I'm not the only one who missed it, might help.
A broken session storage caused this for me. I was using PdoSessionHandler and disappointingly it gave no clear error or log message.
I've experienced the same. When my user logs in I check what role he has with a couple of statements like this:
if(true === $this->get('security.context')->isGranted('ROLE_MANAGER')){
    //return redirect
}
if(true === $this->get('security.context')->isGranted('ROLE_USER')){
    //return redirect
}
//throw error
From time to time some users get an error thrown in their face. I imagine that it is because of the same reason. The user is somehow authenticated but hasn't got their role.
I can't reproduce the problem myself. I have just heard error reports from my users.
I've experienced the same. And for me it was because the /tmp partition was full so the session can be stored on server side and after redirect to the nex
I just experienced the same issue when logging in to my system where sessions are configured to be stored in memcache but memcached was not running. As said above unfortunately it gave no better error message.
Hope that helps someone to save some time ;-)
I had the same issue with the user login. I have used the Sonata admin bundle and I was also using the database session with PdoSessionHandler:
session.handler.pdo:
    class: Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler
    arguments: ["@pdo", %pdo.db_options%]
The first issue I got was when I created a group with a lot of roles/permissions: the data was truncated in the field, so I altered my roles field to LONGTEXT and changed to ROW_FORMAT=COMPRESSED:
ALTER TABLE `fos_group` CHANGE `roles` `roles` LONGTEXT NOT NULL COMMENT '(DC2Type:array)';
ALTER TABLE `fos_group`
ENGINE=INNODB
ROW_FORMAT=COMPRESSED
KEY_BLOCK_SIZE=8;
It does the job and saves all the roles/permissions into the field as a complete serialized string. But the user was unable to log in, with no error message, so I reviewed the logs generated by Symfony in the app/logs dir. It has
user has been authenticated successfully
and then redirects to the dashboard, but from the dashboard the log generated is
access denied (user is not fully authenticated)
The reason was that the session data was truncated in the session table, so I altered my session table as well and this does the job:
ALTER TABLE `session` CHANGE `session_value` `session_value` LONGTEXT NOT NULL;
ALTER TABLE `session`
ENGINE=INNODB
ROW_FORMAT=COMPRESSED
KEY_BLOCK_SIZE=8;
I have also updated the my.ini file and changed the file format to Barracuda; by default the file format is Antelope:
[mysqld]
innodb_file_per_table
innodb_file_format = Barracuda
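The session-storage failures described in the answers above (a broken PdoSessionHandler, a full /tmp, a stopped memcached, a truncated session column) can be turned into an explicit error with a round-trip probe. This is an added example, not code from any of the answers: it writes a serialized role list through a handler implementing PHP's SessionHandlerInterface and checks that it reads back unchanged. TruncatingHandler, probeSessionHandler and the 65535-byte limit (the size of a MySQL TEXT column) are assumptions made for illustration.

```php
<?php
// Added example (PHP 8+). TruncatingHandler is a constructed stand-in for a
// storage column that is too small; pass the application's real handler instead.
final class TruncatingHandler implements SessionHandlerInterface
{
    private array $rows = [];
    public function __construct(private int $columnBytes) {}
    public function open(string $path, string $name): bool { return true; }
    public function close(): bool { return true; }
    public function read(string $id): string|false { return $this->rows[$id] ?? ''; }
    public function write(string $id, string $data): bool
    {
        // Mimics a non-strict SQL mode: oversized values are cut without an error.
        $this->rows[$id] = substr($data, 0, $this->columnBytes);
        return true;
    }
    public function destroy(string $id): bool { unset($this->rows[$id]); return true; }
    public function gc(int $max_lifetime): int|false { return 0; }
}

/** Returns null when the payload survives storage, otherwise a reason string. */
function probeSessionHandler(SessionHandlerInterface $handler, int $roleCount): ?string
{
    // Constructed payload: a serialized role list, the part that grows with the role count.
    $roles = array_map(fn (int $i): string => "ROLE_CONSTRUCTED_$i", range(1, $roleCount));
    $payload = serialize(['roles' => $roles]);
    $id = 'probe' . bin2hex(random_bytes(8));
    try {
        if (!$handler->open('', 'PROBE') || !$handler->write($id, $payload)) {
            return 'write failed';
        }
        $handler->close();
        $handler->open('', 'PROBE');
        $stored = $handler->read($id);
        $handler->destroy($id);
        $handler->close();
    } catch (\Throwable $e) {
        return 'storage error: ' . $e->getMessage();
    }
    if ($stored !== $payload) {
        return sprintf('stored %d of %d bytes', strlen((string) $stored), strlen($payload));
    }
    return null;
}

$handler = new TruncatingHandler(65535); // assumed limit: MySQL TEXT column
foreach ([10, 5000] as $n) {
    echo $n, ' roles: ', probeSessionHandler($handler, $n) ?? 'ok', PHP_EOL;
}
```

Running the probe from a health check or deployment script against the configured handler surfaces a storage problem before a login silently falls back to an anonymous token.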