如何解决如何在 Symfony 5.3 上使用新的基于身份验证器的安全系统的 LDAP 表单登录和表单登录?
启用新的基于身份验证的安全性时出现奇怪的行为。
我发现 form_login
和 form_login_ldap
链不能一起工作。都是自己的作品,json_login
和 json_login_ldap
。
这是我的security.yaml
security:
# https://symfony.com/doc/current/security/experimental_authenticators.html
enable_authenticator_manager: true
password_hashers:
# this internal class is used by Symfony to represent in-memory users
# (the 'InMemoryUser' class was introduced in Symfony 5.3.
# In previous versions it was called 'User')
Symfony\Component\Security\Core\User\InMemoryUser: 'auto'
App\Entity\User: 'auto'
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
users_in_memory:
memory:
users:
john: { password: '$2y$13$zrK3oibk8KK3PxO/bkFrduFj61jsPbEBZlAiaAaK2rKlanv2E4UhG',roles: [ 'ROLE_ADMIN' ] }
jane: { password: '$2y$13$zrK3oibk8KK3PxO/bkFrduFj61jsPbEBZlAiaAaK2rKlanv2E4UhG',roles: [ 'ROLE_ADMIN','ROLE_SUPER_ADMIN' ] }
users:
entity:
# the class of the entity that represents users
class: 'App\Entity\User'
# the property to query by - e.g. username,email,etc
property: 'username'
my_ldap:
ldap:
service: Symfony\Component\Ldap\Ldap
base_dn: '##########'
search_dn: '##########'
search_password: '########'
default_roles: ["ROLE_USER"]
filter: "########"
uid_key: "########"
all_users:
chain:
providers: [ 'users_in_memory','users','my_ldap' ]
# used to reload user from session & other features (e.g. switch_user)
app_user_provider:
entity:
class: App\Entity\User
property: username
# optional: if you're using multiple Doctrine entity
# managers,this option defines which one to use
# manager_name: 'customer'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
lazy: true
entry_point: form_login
provider: all_users
form_login:
login_path: login
check_path: login
default_target_path: login_success
form_login_ldap:
login_path: login
check_path: login
service: Symfony\Component\Ldap\Ldap
dn_string: '##########'
default_target_path: login_success
logout:
path: app_logout
# where to redirect after logout
target: login
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
# - { path: ^/admin,roles: ROLE_ADMIN }
# - { path: ^/profile,roles: ROLE_USER }
也许有人有想法?将 enable_authenticator_manager
设置为 false
并删除 entry_point
将使其工作。看起来 support
的 form_login_ldap
方法总是返回 false
。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。