This is driving me crazy. It was working and I have no idea what changed, but now I am getting an infinite redirect loop (301) on my login page, and the logs show AccessDeniedException. Obviously I have checked many StackOverflow answers and other internet links, but I can't see what's wrong with my setup:
security.yaml:
security:
    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
    providers:
        app_user_provider:
            entity:
                class: App\Entity\Users
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        customer:
            pattern: ^/customer
            security: false
        main:
            pattern: ^/
            lazy: true
            provider: app_user_provider
            form_login:
                login_path: login
                check_path: login
                enable_csrf: true
            logout:
                path: logout
                target: /login
    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/customer, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/sales, roles: [ROLE_SALES, ROLE_ADMIN] }
        - { path: ^/admin, role: ROLE_ADMIN }
logs:
[2022-10-26T11:29:20.918658+00:00] request.INFO: Matched route "login". {"route":"login","route_parameters":{"_route":"login","_controller":"App\\Controller\\SecurityController::login"},"request_uri":"https://***.com/login","method":"GET"} []
[2022-10-26T11:29:20.928261+00:00] security.DEBUG: Checking for authenticator support. {"firewall_name":"main","authenticators":1} []
[2022-10-26T11:29:20.928351+00:00] security.DEBUG: Checking support on authenticator. {"firewall_name":"main","authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\FormLoginAuthenticator"} []
[2022-10-26T11:29:20.928405+00:00] security.DEBUG: Authenticator does not support the request. {"firewall_name":"main","authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\FormLoginAuthenticator"} []
[2022-10-26T11:29:20.955819+00:00] security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): Access Denied. at /vendor/symfony/security-http/Firewall/AccessListener.php:97)"} []
What's wrong with this?
CodePudding user response:
You should add
    anonymous: true
under main firewall and append (as last rule)
    - { path: ^/, roles: IS_AUTHENTICATED_FULLY }
to access_control.
That should do the trick.
CodePudding user response:
IS_AUTHENTICATED_ANONYMOUSLY was deprecated in 5.3 and removed in 6.0 (?); the official documentation recommends using PUBLIC_ACCESS instead.
See https://symfony.com/doc/6.1/security.html#allowing-unsecured-access-i-e-anonymous-users