我的安全文件配置如下:
security:
...
pattern: ^/[members|admin]
form_login:
check_path: /members/auth
login_path: /public/login
failure_forward: false
failure_path: null
logout:
path: /public/logout
target: /
目前,如果我在不进行身份验证的情况下访问成员 url,它会将我重定向到 /public/login
,但我不希望它重定向。我主要在我的 Controller 上使用 json 进行响应,所以我只想在受限 url 上显示警告,例如 {"error": "Access denied"}
。如果我取出 login_path:/public/login
代码,它会重定向到默认 url/login。我该如何阻止它重定向?
最佳答案
您需要创建一个监听器,然后触发您的响应。我的解决方案基于 - https://gist.github.com/xanf/1015146
监听代码--
namespace Your\NameSpace\Bundle\Listener;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
class AjaxAuthenticationListener
{
/**
* Handles security related exceptions.
*
* @param GetResponseForExceptionEvent $event An GetResponseForExceptionEvent instance
*/
public function onCoreException(GetResponseForExceptionEvent $event)
{
$exception = $event->getException();
$request = $event->getRequest();
if ($request->isXmlHttpRequest()) {
if ($exception instanceof AuthenticationException || $exception instanceof AccessDeniedException || $exception instanceof AuthenticationCredentialsNotFoundException) {
$responseData = array('status' => 401, 'msg' => 'User Not Authenticated');
$response = new JsonResponse();
$response->setData($responseData);
$response->setStatusCode($responseData['status']);
$event->setResponse($response);
}
}
}
}
你需要为监听器创建一个服务--
e_ent_int_baems.ajaxauthlistener:
class: Your\NameSpace\Bundle\Listener\AjaxAuthenticationListener
tags:
- { name: kernel.event_listener, event: kernel.exception, method: onCoreException, priority: 1000 }
关于php - symfony2 在限制区域没有重定向,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9101303/