Symfony 4：无法访问管理员角色。拒绝访问

Question

我正在学习 Symfony 4 并尝试按照 Symfony 4 文档创建应用程序。

我确实按照这个article 来担任管理员角色。

但是当我访问路径/admin时，总是"Access Denied."

我在 Symfony 文档页面和 StackOverflow 中阅读了很多文章，但找不到解决问题的方法。这是我的设置

//config/packges/security.yaml

security:

    encoders:
        App\Entity\User:
            algorithm: bcrypt
    providers:
        our_db_provider:
            entity:
                class: App\Entity\User
        in_memory:
            memory:
                users:
                    admin:
                        password: admin123
                        roles: 'ROLE_ADMIN'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern:    ^/
            http_basic: ~
            provider: our_db_provider
            form_login:
              login_path: login
              check_path: login
              default_target_path: index
              always_use_default_target_path: true

            logout:
              path:   /logout
              target: /index

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }

这里是 Symfony 调试日志：

未捕获的 PHP 异常 Symfony\Component\Security\Core\Exception\AccessDeniedException：“访问被拒绝。”在 C:\xampp\htdocs\aimer-mvc\vendor\symfony\security\Http\Firewall\AccessListener.php 第 68 行

请帮助我。非常感谢！

Answer 1

如果您想使用 admin / admin123 测试您的应用，您必须在防火墙中允许 in_memory 提供程序：

仅适用于 http_basic：

security:

    encoders:
        App\Entity\User:
            algorithm: bcrypt
    providers:
        our_db_provider:
            entity:
                class: App\Entity\User
        in_memory:
            memory:
                users:
                    admin:
                        password: admin123
                        roles: 'ROLE_ADMIN'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern:    ^/
            http_basic:
                provider: in_memory
            provider: our_db_provider
            form_login:
              login_path: login
              check_path: login
              default_target_path: index
              always_use_default_target_path: true

            logout:
              path:   /logout
              target: /index

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }

form_login 也是如此：

security:

    encoders:
        App\Entity\User:
            algorithm: bcrypt
    providers:
        both_providers:
            chain:
                providers: [in_memory, our_db_provider]
        our_db_provider:
            entity:
                class: App\Entity\User
        in_memory:
            memory:
                users:
                    admin:
                        password: admin123
                        roles: 'ROLE_ADMIN'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern:    ^/
            http_basic: ~
            provider: both_providers
            form_login:
              login_path: login
              check_path: login
              default_target_path: index
              always_use_default_target_path: true

            logout:
              path:   /logout
              target: /index

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }

有关示例，请参阅 https://symfony.com/doc/current/security/multiple_user_providers.html...