I don't know if what I'm trying to do is possible but I have the following configuration in my security.yaml and it shows me the following error:
Because you have multiple authenticators in firewall "administrator_secured_area", you need to set the "entry_point" key to one of your authenticators ("App\Security\AdministratorAuthenticator", "form_login") or a service ID implementing "Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface". The "entry_point" determines what should happen (e.g. redirect to "/login") when an anonymous user tries to access a protected page.
I have searched various solutions but none suits my current setup
security:
enable_authenticator_manager: true
# https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
password_hashers:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
App\Entity\Administrator:
algorithm: auto
App\Entity\Instructor:
algorithm: auto
# https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
providers:
# used to reload user from session & other features (e.g. switch_user)
app_administrator_provider:
entity:
class: App\Entity\Administrator
property: email
app_instructor_provider:
entity:
class: App\Entity\Instructor
property: email
# used to reload user from session & other features (e.g. switch_user)
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
administrator_secured_area:
lazy: true
provider: app_administrator_provider
custom_authenticator: App\Security\AdministratorAuthenticator
form_login:
login_path: /login/administrator
check_path: /app_login_administrator
default_target_path: /login/administrator
logout:
path: app_logout
# where to redirect after logout
target: app_login_administrator
instructor_secured_area:
lazy: true
provider: app_instructor_provider
custom_authenticator: App\Security\InstructorAuthenticator
form_login:
login_path: /login/instructor
check_path: /app_login_instructor
default_target_path: /login/instructor
logout:
path: app_logout
# where to redirect after logout
target: app_login_instructor
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
when@test:
security:
password_hashers:
# By default, password hashers are resource intensive and take time. This is
# important to generate secure password hashes. In tests however, secure hashes
# are not important, waste resources and increase test times. The following
# reduces the work factor to the lowest possible values.
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
algorithm: auto
cost: 4 # Lowest possible value for bcrypt
time_cost: 3 # Lowest possible value for argon
memory_cost: 10 # Lowest possible value for argon
CodePudding user response:
First of all thank you for your answer.
With the configuration you propose I get the following error:
Unrecognized option "administrator_form_login" under "security.firewalls.administrator_secured_area". Available options are
"access_denied_handler",
"access_denied_url",
"anonymous", "context",
"custom_authenticators",
"entry_point",
"form_login",
"form_login_ldap",
"guard", "host",
"http_basic",
"http_basic_ldap",
"json_login",
"json_login_ldap",
"lazy",
"login_link",
"login_throttling",
"logout", "methods",
"pattern",
"provider",
"remember_me",
"remote_user",
"request_matcher",
"required_badges",
"security",
"stateless",
"switch_user",
"user_checker",
"x509".
Best regards!
CodePudding user response:
As the error message suggests you should set the entry_point
key to one of your authenticators, here is an example, you could choose to set in one of them, or you could try to set it in both:
administrator_secured_area:
lazy: true
provider: app_administrator_provider
custom_authenticator: App\Security\AdministratorAuthenticator
form_login:
login_path: /login/administrator
check_path: /app_login_administrator
default_target_path: /login/administrator
logout:
path: app_logout
# where to redirect after logout
target: app_login_administrator
entry_point: 'form_login'
instructor_secured_area:
lazy: true
provider: app_instructor_provider
custom_authenticator: App\Security\InstructorAuthenticator
form_login:
login_path: /login/instructor
check_path: /app_login_instructor
default_target_path: /login/instructor
logout:
path: app_logout
# where to redirect after logout
target: app_login_instructor