session - 成功验证后 symfony2 安全 token /上下文丢失( session 正在运行)

Question

我在安装新的 symfony 2.4 时遇到问题，登录后未保存安全 token 。我以前从未遇到过这个问题(尽管我从未在我现在使用的生产服务器上安装 symfony)。 两天来我一直在努力解决这个问题，我想我已经阅读了互联网上与这个问题相关的所有帖子。

这个我已经彻底检查过了:
- session 。 它们运行良好。我可以在我的 session 中设置一个变量并重新加载页面，然后从 session 中读取相同的变量。我使用以下配置使用 native 内存缓存 session 处理程序:

框架: session : handler_id: session.handler.mc

services:
    session.memcache:
        class: Memcache
        calls:
            - [addServer , [%session_memcache_host%, %session_memcache_port%]]
    session.handler.mc:
        class: Symfony\Component\HttpFoundation\Session\Storage\Handler\MemcacheSessionHandler
        arguments: [@session.memcache, {prefix: ""}]

- 用户实体。 因为我使用 FOSUserBundle 作为用户提供者，所以我扩展了他们的用户模型(我使用的是学说)，如他们的文档中所述。请注意我在构造方法中添加的角色，以确保我的用户具有此角色:

<?php

namespace MB\Emaizing\AppBundle\Entity;

use FOS\UserBundle\Model\User as BaseUser;
use Doctrine\ORM\Mapping as ORM;

/**
 * @ORM\Entity
 * @ORM\Table(name="emaizing_user")
 */
class EmaizingUser extends BaseUser
{
    /**
     * @ORM\Id
     * @ORM\Column(type="integer")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    public function __construct()
    {
        parent::__construct();

        $this->roles = array('ROLE_USER');
    }
}

防火墙/安全设置。我通过防火墙“secured_area”保护了整个网站，并添加了一个防火墙开发人员以正确显示网络分析器工具栏。我已经为/login(以及/login_check)路由添加了异常(exception)。我还为另一条不应该保护的路线添加了一个异常(exception)。用户使用他们的电子邮件地址作为登录名登录。

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
            anonymous: ~
        secured_area:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                always_use_default_target_path: true
                default_target_path: /
            logout: true
            anonymous: ~

    access_control:
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/lpx, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }

- 日志。这是日志的内容:

[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\RouterListener::onKernelRequest". [] []
[2013-12-11 10:46:46] request.INFO: Matched route "fos_user_security_check" (parameters: "_controller": "FOS\UserBundle\Controller\SecurityController::checkAction", "_route": "fos_user_security_check") [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\LocaleListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\Security\Http\Firewall::onKernelRequest". [] []
[2013-12-11 10:46:46] doctrine.DEBUG: SELECT t0.username AS username1, t0.username_canonical AS username_canonical2, t0.email AS email3, t0.email_canonical AS email_canonical4, t0.enabled AS enabled5, t0.salt AS salt6, t0.password AS password7, t0.last_login AS last_login8, t0.locked AS locked9, t0.expired AS expired10, t0.expires_at AS expires_at11, t0.confirmation_token AS confirmation_token12, t0.password_requested_at AS password_requested_at13, t0.roles AS roles14, t0.credentials_expired AS credentials_expired15, t0.credentials_expire_at AS credentials_expire_at16, t0.id AS id17 FROM emaizing_user t0 WHERE t0.email_canonical = ? LIMIT 1 ["roest@mediablue.nl"] []
[2013-12-11 10:46:46] security.INFO: User "roest@mediablue.nl" has been authenticated successfully [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "security.interactive_login" to listener "FOS\UserBundle\EventListener\LastLoginListener::onSecurityInteractiveLogin". [] []
[2013-12-11 10:46:46] doctrine.DEBUG: "START TRANSACTION" [] []
[2013-12-11 10:46:46] doctrine.DEBUG: UPDATE emaizing_user SET last_login = ? WHERE id = ? ["2013-12-11 10:46:46",5] []
[2013-12-11 10:46:46] doctrine.DEBUG: "COMMIT" [] []
[2013-12-11 10:46:46] event.DEBUG: Listener "Symfony\Component\Security\Http\Firewall::onKernelRequest" stopped propagation of the event "kernel.request". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\Security\Http\Firewall\ContextListener::onKernelResponse". [] []
[2013-12-11 10:46:46] security.DEBUG: Write SecurityContext in the session [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bridge\Monolog\Handler\FirePHPHandler::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bridge\Monolog\Handler\ChromePhpHandler::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ResponseListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\Security\Http\RememberMe\ResponseListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Sensio\Bundle\FrameworkExtraBundle\EventListener\CacheListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Bundle\WebProfilerBundle\EventListener\WebDebugToolbarListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.response" to listener "Symfony\Component\HttpKernel\EventListener\StreamedResponseListener::onKernelResponse". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.finish_request" to listener "Symfony\Component\HttpKernel\EventListener\LocaleListener::onKernelFinishRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.finish_request" to listener "Symfony\Component\HttpKernel\EventListener\RouterListener::onKernelFinishRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.finish_request" to listener "Symfony\Component\Security\Http\Firewall::onKernelFinishRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.terminate" to listener "Symfony\Bundle\SwiftmailerBundle\EventListener\EmailSenderListener::onKernelTerminate". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.terminate" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelTerminate". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Bundle\FrameworkBundle\EventListener\SessionListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\FragmentListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\RouterListener::onKernelRequest". [] []
[2013-12-11 10:46:46] request.INFO: Matched route "mb_emaizing_app_homepage" (parameters: "_controller": "MB\Emaizing\AppBundle\Controller\DefaultController::indexAction", "_route": "mb_emaizing_app_homepage") [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\HttpKernel\EventListener\LocaleListener::onKernelRequest". [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.request" to listener "Symfony\Component\Security\Http\Firewall::onKernelRequest". [] []
[2013-12-11 10:46:46] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2013-12-11 10:46:46] event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
[2013-12-11 10:46:46] security.DEBUG: Access is denied (user is not fully authenticated) by "/var/www/vhosts/www.emaizing.com/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php" at line 70; redirecting to authentication entry point [] []
[2013-12-11 10:46:46] security.DEBUG: Calling Authentication entry point [] []

如您所见，用户已通过正确的身份验证。然而，在重定向之后，没有找到安全上下文，因此假设我们是匿名用户(网络分析器工具栏将用户显示为匿名)。

我试图通过调试找出问题所在:Symfony\Component\Security\Http\Firewall\ContextListener::onKernelResponse()

/**
 * Writes the SecurityContext to the session.
 *
 * @param FilterResponseEvent $event A FilterResponseEvent instance
 */
public function onKernelResponse(FilterResponseEvent $event)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
        return;
    }

    if (!$event->getRequest()->hasSession()) {
        return;
    }

    if (null !== $this->logger) {
        $this->logger->debug('Write SecurityContext in the session');
    }

    $request = $event->getRequest();
    $session = $request->getSession();

    if (null === $session) {
        return;
    }

    if ((null === $token = $this->context->getToken()) || ($token instanceof AnonymousToken)) {
        if ($request->hasPreviousSession()) {
            $session->remove('_security_'.$this->contextKey);
        }
    } else {
        $session->set('_security_'.$this->contextKey, serialize($token));
    }
}

当我在这行“$session->set('security'.$this->contextKey, serialize($token));”之后对 session 进行 var_dump 时我可以看到安全 token 已添加到 session 中。但是在重定向到以下页面后它不存在(防火墙中的 default_target_path)。

有人知道为什么会发生这种情况吗？

Answer 1

在 security.yml 中为您的防火墙设置上下文变量。

这应该可以解决问题......