Grub_elm

Reputation: 41

Symfony2: This web page has a redirect loop

I am building a Symfony2 project but I have a problem: I configured security.yml and routing.yml to create an authentication system. I have 2 bundles: one for admin and one for users. When I try to access the login page I get a redirect loop.

This is my security.yml file :

security:
    encoders:
            Symfony\Component\Security\Core\User\User:
                algorithm: bcrypt
                cost: 12
            BackOfficeBundle\Entity\Administrateur:
                 algorithm: bcrypt
            BackOfficeBundle\Entity\Collaborateur:
                 algorithm: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
            administrators:
                entity: { class: BackOfficeBundle:Administrateur, property: username }
            users:
                entity: { class: BackOfficeBundle:Collaborateur, property: email }


    firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false

            front_login:
                pattern:   ^/login$
                anonymous: true
            back_login:
                pattern:   ^/login$
                anonymous: true
            back:
                pattern:   ^/platform
                anonymous: true
                provider: administrators

                form_login:
                    login_path: /platform/login
                    check_path: /platform/login_check
                    default_target_path: /platform

                logout:
                    path:   /platform/logout
                    target: /platform/login

            front:
                pattern:   ^/collaborateur
                anonymous: false
                provider: users
                form_login:
                    login_path: /collaborateur/login
                    check_path: /collaborateur/login_check
                    default_target_path: /collaborateur

                logout:
                    path:   /collaborateur/logout
                    target: /collaborateur/clogin


    access_control:
        #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
         - { path: ^/platform, roles: ROLE_ADMIN }
         - { path: ^/collaborateur, roles: ROLE_USER }

And this is the app/config/routing.yml:

front_office:
    resource: "@FrontOfficeBundle/Resources/config/routing.yml"
    prefix:   /collaborateur

back_office:
    resource: "@BackOfficeBundle/Resources/config/routing.yml"
    prefix:   /platform

and the BackOfficeBundle/Resources/config/routing.yml:

login:
    pattern:   /login
    defaults:  { _controller: UserBundle:Security:login }

login_check:
    pattern:   /login_check

logout:
    pattern:   /logout

Upvotes: 2

Views: 1247

Answers (2)

kba

Reputation: 4310

Try this:

firewalls:
    ...    

    front_login:
        pattern:   ^/platform/login$
        anonymous: true

    back_login:
       pattern:   ^/collaborateur/login$
       anonymous: true

    ...

Your login form is on /platform/login, but your anonymous security exceptions are only for /login (which is wrong), and everything under ^/platform is protected. Symfony detects the secured area and tries to redirect to the login path, but /platform/login is again in the secured area (and again, again, again).

Upvotes: 1

Matteo

Reputation: 39410

You need to describe in the security.yml that the login routes are public, as follows:

access_control:
    - { path: ^/platform/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/collaborateur/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/platform, roles: ROLE_ADMIN }
    - { path: ^/collaborateur, roles: ROLE_USER }

Hope this helps

Upvotes: 1
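
Added example (not part of the question, either answer, or Symfony itself): a simplified Python model of Symfony's first-match rule for firewalls and access_control, run over the question's configuration and over the two answers' changes. The dict layout and the names `first_match` and `unreachable_logins` are assumptions made for this sketch; the patterns, paths and roles are copied from the configs above.

```python
import re

ANON = "IS_AUTHENTICATED_ANONYMOUSLY"

def first_match(entries, key, path):
    """Symfony stops at the first firewall / access_control entry whose regex matches."""
    return next((e for e in entries if re.search(e[key], path)), None)

def unreachable_logins(firewalls, access_control):
    """Map each form_login login_path an anonymous visitor cannot open to the reason."""
    problems = {}
    for fw in firewalls:
        login = fw.get("login_path")
        if login is None:
            continue
        handler = first_match(firewalls, "pattern", login)
        rule = first_match(access_control, "path", login)
        if handler is not None and not handler["anonymous"]:
            problems[login] = "firewall %s has anonymous: false" % handler["name"]
        elif rule is not None and rule["roles"] != ANON:
            problems[login] = "access_control requires %s" % rule["roles"]
    return problems

# Constructed from the question's security.yml (dev firewall omitted: security is off there).
Q_FIREWALLS = [
    {"name": "front_login", "pattern": r"^/login$", "anonymous": True},
    {"name": "back_login", "pattern": r"^/login$", "anonymous": True},
    {"name": "back", "pattern": r"^/platform", "anonymous": True, "login_path": "/platform/login"},
    {"name": "front", "pattern": r"^/collaborateur", "anonymous": False, "login_path": "/collaborateur/login"},
]
Q_RULES = [{"path": r"^/platform", "roles": "ROLE_ADMIN"},
           {"path": r"^/collaborateur", "roles": "ROLE_USER"}]

# Both answers applied: kba's login firewall patterns and Matteo's access_control order.
FIXED_FIREWALLS = [
    {"name": "front_login", "pattern": r"^/platform/login$", "anonymous": True},
    {"name": "back_login", "pattern": r"^/collaborateur/login$", "anonymous": True},
] + Q_FIREWALLS[2:]
FIXED_RULES = [{"path": r"^/platform/login", "roles": ANON},
               {"path": r"^/collaborateur/login", "roles": ANON}] + Q_RULES

if __name__ == "__main__":
    for label, fws, rules in [("question", Q_FIREWALLS, Q_RULES),
                              ("access_control fix only", Q_FIREWALLS, FIXED_RULES),
                              ("both fixes", FIXED_FIREWALLS, FIXED_RULES)]:
        print(label, "->", unreachable_logins(fws, rules) or "login pages reachable")
```

In this model the front firewall's `anonymous: false` keeps /collaborateur/login flagged until a firewall that allows anonymous users covers that path, which is why the run with both changes is the one that comes back empty.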
