我的安全文件配置如下:
security: ... pattern: ^/[members|admin] form_login: check_path: /members/auth login_path: /public/login failure_forward: false failure_path: null logout: path: /public/logout target: /
目前,如果我访问成员网址而不进行身份验证,它会将我重定向到/ public / login但我不希望它重定向.我主要是在控制器上使用json进行响应,所以我只想在受限制的URL上显示警告,例如{“error”:“Access denied”}.如果我取出login_path:/ public / login代码,它会重定向到默认的url / login.如何阻止它重定向?
您需要创建一个监听器,然后触发您的响应.我的解决方案基于 –
https://gist.github.com/xanf/1015146
听众代码 –
namespace Your\NameSpace\Bundle\Listener; use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\Exception\AccessDeniedException; use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; class AjaxAuthenticationListener { /** * Handles security related exceptions. * * @param GetResponseForExceptionEvent $event An GetResponseForExceptionEvent instance */ public function onCoreException(GetResponseForExceptionEvent $event) { $exception = $event->getException(); $request = $event->getRequest(); if ($request->isXmlHttpRequest()) { if ($exception instanceof AuthenticationException || $exception instanceof AccessDeniedException || $exception instanceof AuthenticationCredentialsNotFoundException) { $responseData = array('status' => 401,'msg' => 'User Not Authenticated'); $response = new JsonResponse(); $response->setData($responseData); $response->setStatusCode($responseData['status']); $event->setResponse($response); } } } }
您需要为侦听器创建服务 –
e_ent_int_baems.ajaxauthlistener: class: Your\NameSpace\Bundle\Listener\AjaxAuthenticationListener tags: - { name: kernel.event_listener,event: kernel.exception,method: onCoreException,priority: 1000 }