SensacionRC

Reputation: 615

Symfony security firewall

I'm starting a web app with this framework. And I have a problem with the first part, the login: I have two entities:

USERS

<?php

namespace app\UsuariosBundle\Entity;

use Symfony\Component\Security\Core\User\UserInterface;
use Doctrine\ORM\Mapping as ORM;

/**
 * Users
 *
 * @ORM\Table()
 * @ORM\Entity
 */
class Users implements UserInterface
{
//some properties and getters and setters

public function getPassword()
{
    return $this->password;
}

function eraseCredentials()
{
}
function getRoles(){
    return array('ROLE_USUARIO');
}
function getUsername(){
    return $this->getEmail();
}
function getSalt(){
    return 'my_salt';
}
}

CLIENTS

<?php

namespace app\ClientesBundle\Entity;

use Symfony\Component\Security\Core\User\UserInterface;
use Doctrine\ORM\Mapping as ORM;

/**
 * Clients
 *
 * @ORM\Table()
 * @ORM\Entity
 */
class Clients implements UserInterface
{
//some properties and getters and setters

public function getPassword()
{
    return $this->password;
}

function eraseCredentials()
{
}
function getRoles(){
    return array('ROLE_USUARIO');
}
function getUsername(){
    return $this->getEmail();
}
function getSalt(){
    return 'my_salt';
}
}

I added these last methods because in the docs it says we need to.

Now I have configured my security.yml file

security:

    encoders:
        app\UsersBundle\Entity\Users: { algorithm: sha512 }
        app\Clients\Entity\Clients: { algorithm: sha512 }
    access_control:
        - { path: ^/users/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/users/registro, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/users/*, roles: ROLE_USUARIO }
    role_hierarchy:
        ROLE_ADMIN:     [ROLE_USER, ROLE_SONATA_ADMIN,ROLE_USUARIO]
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] 
    providers:
        chain_provider:
            chain:
                providers: [users, clients]
        users:
            entity: { class: app\UsersBundle\Entity\Users, property: email }
        clients:
            entity: { class: app\ClientsBundle\Entity\Clients, property: email }    
    firewalls:
        frontend:
            pattern:    ^/*
            provider:   chain_provider
            form_login:
                login_path: users_login
                check_path: users_login_check
            logout:
                path: users_logout

I don't know if I'm right at this point. There are two kinds of users: USERS and CLIENTS (is the chain_provider correct for doing the login between the two kinds of users?).

Users routing file

users_login:
    pattern:  /login
    defaults: { _controller: UsersBundle:Default:login }

users_login_check:
    pattern:  /login_check

users_logout:
    pattern:   /logout

Config routing file

users:
    resource: "@UsersBundle/Resources/config/routing.yml"
    prefix:   /users
home:      
    path:     /users/login
    defaults: { _controller:UsersBundle:Default:home}   

_home:
    path:     /
    defaults: { _controller FrameworkBundle:Redirect:redirect, route: home }

And finally the UsersBundle controller:

<?php

namespace app\UsersBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\SecurityContext;

class DefaultController extends Controller
{
    public function homeAction(){
        return $this->render('UsuariosBundle:Default:login.html.twig');
    }

    public function loginAction(Request $peticion){

    }
}

If I write "localhost/app/web/app_dev.php" in the browser, it redirects me to "localhost/app/web/app_dev.php/users/login", but I get the error 302, and it says "too many redirects". And if I open the Chrome console (F12), I see a lot of login.php files "open" every 3 seconds.


Upvotes: 0

Views: 79

Answers (1)

Kyborg2011

Reputation: 606

It looks like you forgot the anonymous: ~ parameter. Change this code of yours:

frontend:
            pattern:    ^/*
            provider:   chain_provider
            form_login:
                login_path: users_login
                check_path: users_login_check
            logout:
                path: users_logout

Like this:

frontend:
    anonymous: ~
    pattern:    ^/
    provider:   chain_provider
    form_login:
        login_path: users_login
        check_path: users_login_check
    logout:
        path: users_logout

I think the anonymous parameter will solve your problem.

Upvotes: 1
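
Why the missing anonymous key produces the "too many redirects" error, as an added example that is not part of the original question or answer: a simplified Python model (not Symfony code) of how the firewall treats an unauthenticated visitor. The resolved paths and the /users/perfil page are assumptions constructed from the question's /users routing prefix.

```python
import re

# Constructed sample modelled on the question's access_control section.
ACCESS_CONTROL = [
    (r"^/users/login", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/users/registro", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/users/", "ROLE_USUARIO"),
]
# Assumption: route users_login (/login) resolved with the /users prefix.
LOGIN_PATH = "/users/login"


def required_role(path):
    """First matching access_control rule wins; None if no rule matches."""
    for pattern, role in ACCESS_CONTROL:
        if re.search(pattern, path):
            return role
    return None


def handle(path, anonymous):
    """Decide what an unauthenticated visitor gets: render or redirect."""
    if not anonymous:
        # Model assumption: without the anonymous listener the visitor has no
        # token at all, so not even IS_AUTHENTICATED_ANONYMOUSLY can be granted.
        return ("redirect", LOGIN_PATH)
    role = required_role(path)
    if role in (None, "IS_AUTHENTICATED_ANONYMOUSLY"):
        return ("render", path)
    return ("redirect", LOGIN_PATH)


def follow(path, anonymous, max_hops=20):
    """Follow redirects the way a browser would; return (outcome, hops)."""
    seen = set()
    hops = 0
    while hops < max_hops:
        action, target = handle(path, anonymous)
        if action == "render":
            return ("rendered " + target, hops)
        if target in seen:
            return ("redirect loop at " + target, hops)
        seen.add(target)
        path = target
        hops += 1
    return ("gave up", hops)
```

With anonymous disabled the login page redirects to itself; with it enabled the login page renders and only protected pages redirect to it.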
