I did have login working fine with FOSUserBundle. I'm trying to get the SonataUserBundle working now with acl.
I have followed the instructions here https://github.com/sonata-project/SonataUserBundle/blob/2.2/Resources/doc/reference/installation.rst but that resulted in an exception every time I tried to login:
You must configure the check path to be handled by the firewall using form_login in your security firewall configuration.
This exception is thrown in both dev and prod. Similar problems from the web seem to involve an issue with the check_path when people try and introduce localisation. But none of the solutions put forward for those work for me.
This problem has totally exhausted me now, I simply can't figure out what to do. I've left several different attempted solutions in comments in the relevant source files, all relevant portions of these are below.
Any help gratefully received.
config.yml:
# FOS User Configuration
fos_user:
db_driver: orm # can be orm or odm
firewall_name: main
user_class: Aleph2Omega\EducationBundle\Entity\User # Application\Sonata\UserBundle\Entity\User # previously
group:
group_class: Application\Sonata\UserBundle\Entity\Group
group_manager: sonata.user.orm.group_manager
service:
user_manager: sonata.user.orm.user_manager
sonata_block:
default_contexts: [sonata_page_bundle]
blocks:
sonata.admin.block.admin_list:
contexts: [admin]
#sonata.admin_doctrine_orm.block.audit:
# contexts: [admin]
sonata.user.block.menu: # used to display the menu in profile pages
sonata.user.block.account: # used to display menu option (login option)
sonata.block.service.text: # used to if you plan to use Sonata user routes
sonata.block.service.text:
sonata.block.service.rss:
# Some specific block from the SonataMediaBundle
#sonata.media.block.media:
#sonata.media.block.gallery:
#sonata.media.block.feature_media:
sonata_media:
# if you don't use default namespace configuration
#class:
# media: MyVendor\MediaBundle\Entity\Media
# gallery: MyVendor\MediaBundle\Entity\Gallery
# gallery_has_media: MyVendor\MediaBundle\Entity\GalleryHasMedia
default_context: default
db_driver: doctrine_orm # or doctrine_mongodb, doctrine_phpcr
contexts:
default: # the default context is mandatory
providers:
- sonata.media.provider.dailymotion
- sonata.media.provider.youtube
- sonata.media.provider.image
- sonata.media.provider.file
formats:
small: { width: 100 , quality: 70}
big: { width: 500 , quality: 70}
cdn:
server:
path: /uploads/media # http://media.sonata-project.org/
filesystem:
local:
directory: %kernel.root_dir%/../web/uploads/media
create: false
sonata_user:
security_acl: true
manager_type: orm # can be orm or mongodb
routing.yml:
sonata_user_security:
resource: "@SonataUserBundle/Resources/config/routing/sonata_security_1.xml"
sonata_user_resetting:
resource: "@SonataUserBundle/Resources/config/routing/sonata_resetting_1.xml"
prefix: /resetting
sonata_user_profile:
resource: "@SonataUserBundle/Resources/config/routing/sonata_profile_1.xml"
prefix: /profile
sonata_user_register:
resource: "@SonataUserBundle/Resources/config/routing/sonata_registration_1.xml"
prefix: /register
sonata_user_change_password:
resource: "@SonataUserBundle/Resources/config/routing/sonata_change_password_1.xml"
prefix: /profile
gallery:
resource: '@SonataMediaBundle/Resources/config/routing/gallery.xml'
prefix: /media/gallery
media:
resource: '@SonataMediaBundle/Resources/config/routing/media.xml'
prefix: /media
admin:
resource: '@SonataAdminBundle/Resources/config/routing/sonata_admin.xml'
prefix: /admin
_sonata_admin:
resource: .
type: sonata_admin
prefix: /admin
sonata_user:
resource: '@SonataUserBundle/Resources/config/routing/admin_security.xml'
prefix: /admin
security.yml:
security.yml:
providers:
fos_userbundle:
id: fos_user.user_manager
in_memory:
memory: ~
# encoders:
# FOS\UserBundle\Model\UserInterface: sha512
firewalls:
# configuration prior to installation of SonataUserBundle
# main:
# pattern: ^/
# form_login:
# provider: fos_userbundle
# csrf_provider: form.csrf_provider
# logout: true
# anonymous: true
default:
anonymous: ~
# Disabling the security for the web debug toolbar, the profiler and Assetic.
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
# -> custom firewall for the admin area of the URL
admin:
pattern: /admin(.*)
context: user
form_login:
provider: fos_userbundle
login_path: /admin/login
use_forward: false
check_path: /admin/login_check
failure_path: null
logout:
path: /admin/logout
anonymous: true
# -> end custom configuration
# default login area for standard users
# This firewall is used to handle the public login area
# This part is handled by the FOS User Bundle
main:
pattern: .*
context: user
form_login:
provider: fos_userbundle
login_path: /login # have also tried fos_user_security_login
use_forward: false
check_path: /login_check # have also tried fos_user_security_check
failure_path: null
csrf_provider: form.csrf_provider
logout: true
anonymous: true
access_control:
# URL of FOSUserBundle which need to be available to anonymous users
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
# Admin login page needs to be access without credential
- { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
# Secured part of the site
# This config requires being logged for the whole site and having the admin role for the admin part.
# Change these rules to adapt them to your needs
- { path: ^/admin/, role: [ROLE_ADMIN, ROLE_SONATA_ADMIN] }
- { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
acl:
connection: default
role_hierarchy:
ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN]
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
SONATA:
# - ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are using acl then this line must be commented
index.html.twig (problem occurs if I try and use either of the two path options fos_* or sonata_*):
{% extends 'Aleph2OmegaEducationBundle::layout.html.twig' %}
{% block title %}Welcome to Aleph2Omega{% endblock %}
{% block body %}
{% if is_granted('ROLE_SUPER_ADMIN') -%}
{{ include('Aleph2OmegaEducationBundle::menu.html.twig') }}
Hello {{ app.user.username }}!
{% elseif is_granted('ROLE_USER') -%}
{{ include('Aleph2OmegaEducationBundle::menu.html.twig') }}
Hello {{ app.user.username }}!
{% else %}
<a href="{{ path('fos_user_security_login') }}">Login</a>
<a href="{{ path('fos_user_registration_register') }}">Register</a>
<br>
<a href="{{ path('sonata_user_security_login') }}">Test Sonata Login</a>
<a href="{{ path('sonata_user_register') }}">Test Sonata Register</a>
{%- endif %}
{% endblock %}
....MyBundle/Entity/User.php:
<?php
// src/A/UserBundle/Entity/User.php
namespace Aleph2Omega\EducationBundle\Entity;
use FOS\UserBundle\Entity\User as BaseUser;
use Doctrine\ORM\Mapping as ORM;
/**
* @ORM\Entity
* @ORM\Table(name="fos_user")
*/
class User extends BaseUser
{
/**
* @ORM\Id
* @ORM\Column(type="integer")
* @ORM\GeneratedValue(strategy="AUTO")
*/
protected $id;
public function __construct()
{
parent::__construct();
// your own logic
}
}
Ok... solved my own problem.
It seems that under the firewalls configuration in security.yml by putting main before anything else the exception is no longer thrown.