I am following this tutorial Custom Password Authenticator and get the following error when I try to implement the simple form:
InvalidConfigurationException: Unrecognized options "simple_form" under "security.firewalls.main"
This is my security.yml
security:
encoders:
GigCapitol/MasterBundle/Entity/User: plaintext
role_hierarchy:
ROLE_USER: ROLE_USER
ROLE_ADMIN: ROLE_ADMIN
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
users:
entity: { class: GigCapitolMasterBundle:User, property: username }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
anonymous: ~
provider: users
simple-form:
authenticator: MasterAuthenticator
login_path: master_index
check_path: master_login_check
access_control:
- { path: /, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: IS_AUTHENTICATED_FULLY }
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
What seems to be the issue here?
It seems the correct key is "simple_form", and you have "simple-form".
It seems i had version 2.0 or so, simple_form was implemented in 2.2
Related
This is my file security.yml:
security:
encoders:
H360\generalBundle\Entity\UsrUsuarios:
id: usuarios.password_encoder
providers:
usuarios:
entity: { class: H360\generalBundle\Entity\UsrUsuarios}
firewalls:
angular_area:
pattern: ^/[a-zA-Z]{2}/.*/.*/rest/
#provider: entity_admin
anonymous: ~
logout_on_user_change: true
secured_area:
pattern: ^/[a-zA-Z]{2}/
user_checker: app.users.checker
anonymous: ~
logout_on_user_change: true
guard:
authenticators:
- app.login.authenticator
- app.card.authenticator
- app.google.authenticator
entry_point: app.login.authenticator
logout:
path: usuarios_logout
target: /
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/([a-zA-Z]\d*.\d*)/extrest/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/([a-zA-Z]\d*.\d*)/restablelink/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/([a-zA-Z]\d*.\d*)/resturnocomedor/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/([a-zA-Z]\d*.\d*), roles: ROLE_USER}
So, when i upgrade to symfony 3.4, i can't do login.
I have been reading about this, but i don't know the solution ;(
When i try to log in, the page reloads itself and no error appears.
Help pls !
Solvented !!! Finally, it was a problem with the function "supports()" in my LoginAuthenticator.php. This function has to return false.
I think I could be wrong about my security.yaml code.
I get an error:
> No encoder has been configured for account "ProjectBundle\Base\Entity\User".
Can someone please tell me if there is a mistake. I could not find any..
security:
encoders:
ProjectBundle\Base\Entity\User\User: bcrypt
role_hierarchy:
ROLE_ADMIN: [ROLE_USER, ROLE_SHOP_ADMIN]
ROLE_SUPER_ADMIN: ROLE_ADMIN
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
users:
entity:
class: ProjectBundle/Base/Entity/User/User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- ProjectBundle\Base\Security\ApiAuthenticator
anonymous: true
admin_api:
pattern: ^/admin/api
stateless: true
guard:
authenticators:
- ProjectBundle\Base\Security\ApiAuthenticator
anonymous: true
main:
anonymous: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/member/password_reset, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/member/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/user/wallet, role: ROLE_USER }
- { path: ^/member, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
If you follow Symfony documentation : https://symfony.com/doc/current/security/named_encoders.html
You have a mistake after security: you need add an indentation for encoders:
Example
security:
encoders:
ProjectBundle\Base\Entity\User\User: bcrypt
I can't understand why anonimous user can access to routes I want to protect "^/nodes$" and "^/destinations$".
Where I'm wrong? I've read with attention this resource http://symfony.com/doc/current/book/security.html but anyway those url can viewed by anonimous!
This is my security.yml:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
memory:
users:
user: { password: athena_user_2014, roles: [ 'ROLE_USER' ] }
admin: { password: athenaspa2014, roles: [ 'ROLE_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secured_area:
pattern: ^/backend
form_login:
check_path: /backend/login_check
login_path: /backend/login
csrf_provider: form.csrf_provider
logout:
path: /backend/logout
target: /
#http_basic:
# realm: "Secured Demo Area"
access_control:
- { path: ^/nodes, roles: ROLE_ADMIN }
- { path: ^/destinations, roles: ROLE_ADMIN }
Your paths are not part of any of your firewall-patterns. You could make the following changes for it to work:
firewalls:
secured_area:
pattern: ^/
...
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/backend, role: ROLE_ADMIN }
- { path: ^/node, role: ROLE_ADMIN }
...
- { path: ^/, role: IS_AUTHENTICATED_ANONYMOUSLY }
The last path is pretty much, what anonymous: true does. When no other access-control matched, the user is not required to be logged in. If you want to be more restrictive, you could do it like the first path ^/login$ which specifies which routes require authentication. Be aware, that the first matching route is used, so be careful of how you order them.
Alternatively you could add another firewall. But keep in mind, that each firewall provides a separate login.
You can also test your routes from the console using the php app/console router-commands. If you are not sure how to use them just type php app/console help router:match for instance
I have downloaded and installed the Symfony2 standard edition. I've done all the steps detailed in the github readme to remove the AcmeBundle that serves as a demo to the framework. When attempting to access the console to double check my routes:
$ php app/console router:debug
I get the following error:
[Symfony\Component\Config\Definition\Exception\InvalidConfigurationException]
The child node "providers" at path "security" must be configured.
When I undelete security.providers in my security.yml file, so I'm left with:
jms_security_extra:
secure_all_services: false
expressions: true
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
access_control:
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
#- { path: ^/_internal/secure, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
I get a different but similar error:
[InvalidArgumentException]
You must at least add one authentication provider.
I'm not sure what to do to fix it. Any solutions?
You need the provides, like this config:
jms_security_extra:
secure_all_services: false
expressions: true
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
security: false
secured_area:
anonymous: ~
access_control:
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
#- { path: ^/_internal/secure, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
For me, the minimal file I could obtain that works without exceptions is:
security:
firewalls:
anonymous:
anonymous: ~
providers:
in_memory:
memory:
Symfony 2.3.3.
I have followed the installation guide for FOSUserBundle and got the following error on the step 8:
[Symfony\Component\DependencyInjection\Exception\ServiceNotFoundException]
ServiceNotFoundException: The service "security.authentication.manager" has a dependency on a non-existent service "security.user.provider.concrete.fos_userbundle".
This is my security.yml:
# app/config/security.yml
security:
providers:
fos_userbundle:
id: fos_user.user_manager
encoders:
Symfony\Component\Security\Core\User\User: plaintext
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/demo/secured/login$
security: false
secured_area:
pattern: ^/demo/secured/
form_login:
check_path: /demo/secured/login_check
login_path: /demo/secured/login
logout:
path: /demo/secured/logout
target: /demo/
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
logout: true
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
Should I register service manually? How to proceed?
Try removing the second providers: block (so just the fos_userbundle one remains) ...