这是我的第一个Symfony 2应用程序,我正在尝试注销当前登录的用户.
这是我的app / config / security.yml
security: encoders: Symfony\Component\Security\Core\User\User: plaintext role_hierarchy: ROLE_ADMIN: ROLE_USER ROLE_SUPER_ADMIN: [ROLE_USER,ROLE_ADMIN,ROLE_ALLOWED_TO_SWITCH] providers: in_memory: memory: users: user0: { password: user0,roles: [ 'ROLE_ADMIN' ] } user1: { password: user1,roles: [ 'ROLE_SUPER_ADMIN' ] } firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false login: pattern: ^/demo/secured/login$ security: false secured_area: pattern: ^/ logout: ~ anonymous: ~ http_basic: realm: "Secured Area" access_control: - { path: ^/question/*,roles: ROLE_ADMIN } - { path: ^/questiongroup/*,roles: ROLE_ADMIN } - { path: ^/answer/*,roles: ROLE_ADMIN } - { path: ^/newslettertemplate/*,roles: ROLE_ADMIN } - { path: ^/customer/*,roles: ROLE_SUPER_ADMIN } - { path: ^/statistics/*,roles: ROLE_SUPER_ADMIN }
我已经在route.yml中创建了logout条目,如symfony安全文档中所述:
logout: path: /logout
它不适用于HTTP基本身份验证,因为浏览器会记住您的凭据并随每个请求一起发送.您无法在服务器端对此执行任何操作.
我相信最终你会切换到form based login.注销功能会像你应该的那样工作.