No encoder has been configured for account "ProjectBundle\Base\Entity\User" - php

I think I could be wrong about my security.yaml code.
I get an error:
> No encoder has been configured for account "ProjectBundle\Base\Entity\User".
Can someone please tell me if there is a mistake? I could not find any.
security:
encoders:
ProjectBundle\Base\Entity\User\User: bcrypt
role_hierarchy:
ROLE_ADMIN: [ROLE_USER, ROLE_SHOP_ADMIN]
ROLE_SUPER_ADMIN: ROLE_ADMIN
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
users:
entity:
class: ProjectBundle/Base/Entity/User/User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- ProjectBundle\Base\Security\ApiAuthenticator
anonymous: true
admin_api:
pattern: ^/admin/api
stateless: true
guard:
authenticators:
- ProjectBundle\Base\Security\ApiAuthenticator
anonymous: true
main:
anonymous: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/member/password_reset, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/member/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/user/wallet, role: ROLE_USER }
- { path: ^/member, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }

If you follow the Symfony documentation: https://symfony.com/doc/current/security/named_encoders.html
You have a mistake after security: you need to add an indentation for encoders:
Example:
security:
    encoders:
        ProjectBundle\Base\Entity\User\User: bcrypt

Related

Security issues when migrating to symfony 3.4 from 3.3. I can't do login

This is my file security.yml:
security:
    encoders:
        H360\generalBundle\Entity\UsrUsuarios:
            id: usuarios.password_encoder
    providers:
        usuarios:
            entity: { class: H360\generalBundle\Entity\UsrUsuarios}
    firewalls:
        angular_area:
            pattern: ^/[a-zA-Z]{2}/.*/.*/rest/
            #provider: entity_admin
            anonymous: ~
            logout_on_user_change: true
        secured_area:
            pattern: ^/[a-zA-Z]{2}/
            user_checker: app.users.checker
            anonymous: ~
            logout_on_user_change: true
            guard:
                authenticators:
                    - app.login.authenticator
                    - app.card.authenticator
                    - app.google.authenticator
                entry_point: app.login.authenticator
            logout:
                path: usuarios_logout
                target: /
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/([a-zA-Z]\d*.\d*)/extrest/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/([a-zA-Z]\d*.\d*)/restablelink/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/([a-zA-Z]\d*.\d*)/resturnocomedor/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/([a-zA-Z]\d*.\d*), roles: ROLE_USER}
So, when I upgrade to Symfony 3.4, I can't log in.
I have been reading about this, but I don't know the solution ;(
When I try to log in, the page reloads itself and no error appears.
Help pls!
Solved!!! Finally, it was a problem with the function "supports()" in my LoginAuthenticator.php. This function has to return false.

Regex : Everything but not [string]

I work under symfony, and I would like to configure my pattern in security so that it applies to everything but a certain path. (/Home)
I made that but it doesn't work and I don't know Regex :
pattern: ^/(?!/accueil).*$
There I am obliged to put all my links, which gives:
pattern: ^/(admin|profile|package|securiteInformatique|logout)
So it would be easier to put "all except" /accueil
My security.yml:
# app/config/security.yml
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
    providers:
        app:
            id: bes_auth.user_provider
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
            # anonymous: true
        # public:
            # pattern: ^accueil
            # security: false
            # anonymous: true
        main:
            logout_on_user_change: true
            # pattern: ^/(admin|profile|packages|securiteInformatique|logout)
            #pattern: ^/(?!accueil)
            form_login:
                check_path: fos_user_security_login_check
                login_path: /login_check
            guard:
                authenticators:
                    - app.security.login_form_authenticator
                    - bes_auth.authenticator
                entry_point: Site\PagesBundle\Security\LoginFormAuthenticator
            logout:
                path: deconnexion # name of the logout route
                target: /
                success_handler: bes_auth.authenticator
            anonymous: true
    access_control:
        - { path: ^/admin, role: ROLE_SUPER_ADMIN }
        - { path: ^/accueil, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }
You should remove the public firewall altogether, remove pattern from your main firewall, and use access_control to handle the permissions.
The following configuration is read by Symfony from the top down, applying the first rule it finds. So any URL beginning with /accueil will be checked against by your main firewall, but will allow the public to view without logging in (because you have anonymous: true). Every other URL (that doesn't begin with /accueil) will require the ROLE_USER role, therefore will force authentication.
access_control:
    - { path: ^/admin, role: ROLE_SUPER_ADMIN }
    - { path: ^/accueil, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, role: ROLE_USER }

Access working when it shouldn't

My access control doesn't work. When I'm anonymous, I can access the URL /admin, whereas normally it must be impossible.
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
                default_target_path: liste_projet
                always_use_default_target_path: true
                login_path: /
                # if you are using Symfony < 2.8, use the following config instead:
                # csrf_provider: form.csrf_provider
            logout: true
            anonymous: ~
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/inscription, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }
Do you have an idea? A bad configuration on my part? I'm using Symfony 3.
Change
    - { path: ^/admin/, role: ROLE_ADMIN }
to
    - { path: ^/admin, role: ROLE_ADMIN }
Otherwise when you request the /admin page, the path won't match with the first one.
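The first-match behaviour behind this answer and the /accueil thread above, as an added example (not code from either post): a simplified PHP model of how a path regex is tested against the request path, assuming only the `path` key of each rule matters. The `^/admin(/|$)` rule set and the request paths are constructed for illustration.

```php
<?php
// Added example, not code from the posts. Assumption: only the path regex is
// modelled; host, method and IP conditions of access_control are left out.

/** Role required by the first rule whose path regex matches, or null if none does. */
function requiredRole(array $rules, string $path): ?string
{
    foreach ($rules as [$regex, $role]) {
        // Brace delimiters, so the slashes in the patterns need no escaping.
        if (preg_match('{' . $regex . '}', rawurldecode($path)) === 1) {
            return $role;
        }
    }
    return null; // no rule matched: access_control demands nothing for this URL
}

/** True when a firewall `pattern` would claim the request path. */
function firewallCovers(string $pattern, string $path): bool
{
    return preg_match('{' . $pattern . '}', rawurldecode($path)) === 1;
}

$anon = 'IS_AUTHENTICATED_ANONYMOUSLY';
$ruleSets = [
    '^/admin/ (as posted)'       => [['^/login$', $anon], ['^/admin/', 'ROLE_ADMIN']],
    '^/admin (as answered)'      => [['^/login$', $anon], ['^/admin', 'ROLE_ADMIN']],
    '^/admin(/|$) (constructed)' => [['^/login$', $anon], ['^/admin(/|$)', 'ROLE_ADMIN']],
];
// Constructed request paths.
$paths = ['/admin', '/admin/', '/admin/users', '/administrateur', '/login'];

foreach ($ruleSets as $label => $rules) {
    echo $label, PHP_EOL;
    foreach ($paths as $path) {
        printf("  %-16s -> %s\n", $path, requiredRole($rules, $path) ?? 'no rule matched');
    }
}

// Firewall patterns from the /accueil question: the posted one and the commented-out one.
foreach (['^/(?!/accueil).*$', '^/(?!accueil)'] as $pattern) {
    echo $pattern, PHP_EOL;
    foreach (['/accueil', '/accueil/actus', '/profile', '/'] as $path) {
        printf("  %-16s -> %s\n", $path, firewallCovers($pattern, $path) ? 'covered' : 'not covered');
    }
}
```

With `^/admin/`, the request `/admin` reaches the end of the list without a match, so no role is required; a closing `^/` rule like the one in the /accueil answer removes that fall-through. The posted lookahead `^/(?!/accueil).*$` still covers `/accueil` because it tests for a second slash after the leading one.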

FOSUserBundle InvalidConfigurationException after basic configuration through symfony cookbook

I configured the FOSUserBundle for my symfony bundle (following the cookbook http://symfony.com/doc/1.3.x/bundles/FOSUserBundle/index.html).
When I try to access the login page I get this error:
You are not allowed to define new elements for path "security.firewalls". Please define all elements for this path in one config file.
My security.yml file is:
security:
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: security.csrf.token_manager # Use form.csrf_provider instead for Symfony <2.4
logout: true
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
I can't understand what's the problem, any suggestion?
Thanks in advance
The first problem I see is an indentation problem in your YAML security file:
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: security.csrf.token_manager # Use form.csrf_provider instead for Symfony <2.4
            logout: true
            anonymous: true
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }
Check carefully the documentation available at https://symfony.com/doc/master/bundles/FOSUserBundle/index.html, check routes, clear cache and you're normally done ;)
Feel free to come back here if any other problem is encountered.
Best Regards.

FOSBundle redirect loop

I'm using SF2 together with FOS user bundle.
security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout: true
            anonymous: false
    access_control:
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
If I set my main: anonymous: false to true, I no longer get a redirect loop, but then people don't need to be logged in to access everything (which they should be!)
I think the access_control has an entry for the ^/login route so that people don't need to be authenticated, but I suspect it doesn't work.
With this statement:
    anonymous: false
this is no longer valid:
    - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
Therefore the framework can't redirect to the login, which causes the redirect loop (FOS needs anonymous to be true in order to work properly)... I don't know if it works but you could try to set
    { path: ^/*, role: ROLE_USER }
as the first or last line of the assetic control... no guarantee it works, this is what I would try in order to create the result you are looking for
