Reputation: 6805
Multiple firewalls in symfony2
I have a problem with my security configuration in symfony2. I need two firewalls for two different user entity.
Here are my configuration files:
security.yml:
security:
encoders:
entity_owner:
class: Pisteur\CoreBundle\Entity\OwnerAccount
algorithm: sha512
iterations: 5000
encode_as_base64: false
entity_business:
class: Pisteur\BusinessBundle\Entity\BusinessOwner
algorithm: sha512
iterations: 5000
encode_as_base64: false
providers:
entity_owner:
name: entity_owner
entity:
class: Pisteur\CoreBundle\Entity\OwnerAccount
property: username
entity_business:
name: entity_business
entity:
class: Pisteur\BusinessBundle\Entity\BusinessOwner
property: username
firewalls:
entity_business:
pattern: ^/business
anonymous: ~
form_login:
check_path: /business/login_check
login_path: /business/login
default_target_path: /business/dashboard
provider: entity_business
logout:
path: /logout
target: /business/login
entity_owner:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
default_target_path: /dashboard
provider: entity_owner
logout:
path: /logout
target: /login
role_hierarchy:
ROLE_ADMIN: [ROLE_USER, ROLE_BUSINESS]
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/business/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/account, roles: ROLE_USER }
- { path: ^/dashboard, roles: ROLE_USER }
- { path: ^/business/dashboard, roles: ROLE_BUSINESS }
- { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
Here are all my routings:
security_login:
pattern: /login
defaults: { _controller: "PisteurSecurityBundle:Security:login" }
requirements: { _method: get }
login_check:
pattern: /login_check
business_security_login:
pattern: /business/login
defaults: { _controller: "PisteurSecurityBundle:BusinessSecurity:login" }
requirements: { _method: get }
business_login_check:
pattern: /business/login_check
logout:
pattern: /logout
Login form for OwnerAccount:
<form id="login-form" action="{{ path('login_check') }}" method="post">
<label><input id="username" type="text" name="_username" /></label>
<label><input id="password" type="password" name="_password" /></label>
<button class="btn custom large orange-button" type="submit" id="login-button">{% trans from "login" %}login{% endtrans %}</button>
</form>
Login form for BusinessOwner:
<form id="login-form" action="{{ path('business_login_check') }}" method="post">
<label><input id="username" type="text" name="_username" /></label>
<label><input id="password" type="password" name="_password" /></label>
<button class="btn custom large orange-button" type="submit" id="login-button">{% trans from "login" %}login{% endtrans %}</button>
</form>
When I login with the OwnerAccount form, it works and redirect my to /dashboard. When I login with the BusinessOwner form, it does not work and redirect to /login (should be /business/login) with the error "BadCredentials"
I'm not sure why but it seems that only the entity_owner is used (because it redirect to /login from the /business/login)
Is that something wrong in my configuration?
Upvotes: 2
Views: 2752
Answers (2)
Reputation: 6015
Move all of your owner resources to /owner. Change the entity_owner pattern to ^/owner, and make the main page redirect to /owner.
Upvotes: 2
Reputation: 6015
Try something like ^/(?!business) for the entity_owner pattern, this may prevent the entity_owner pattern from matching the entity_business pattern.
Upvotes: 3
Related Questions
- How to manage several firewalls in symfony 3.4
- Symfony 3 - Firewall exlude one host
- Symfony security firewall
- Symfony2 Security Configuration - How to use two firewalls side by side
- Add multiples firewalls in symfony 2
- multiple firewalls with symfony2
- Symfony2 - 2 firewalls, 1 login
- Per-host Firewalls in Symfony2
- Complex firewall configuration - Symfony2 security
- Multiple firewalls (Admin and user)