Symfony 4: Cannot access admin roles. Access Denied

时光毁灭记忆、已成空白 posted on 2019-12-25 02:47:30

Question


I'm learning Symfony 4 and trying to follow the Symfony 4 documentation to create an app.

I followed this article to create admin roles.

But when I access the path /admin, I always get "Access Denied."

I read many articles on the Symfony documentation pages and on StackOverflow but could not find a way to solve it. Here are my settings:

# config/packages/security.yaml

security:

    encoders:
        App\Entity\User:
            algorithm: bcrypt
    providers:
        our_db_provider:
            entity:
                class: App\Entity\User
        in_memory:
            memory:
                users:
                    admin:
                        password: admin123
                        roles: 'ROLE_ADMIN'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern:    ^/
            http_basic: ~
            provider: our_db_provider
            form_login:
              login_path: login
              check_path: login
              default_target_path: index
              always_use_default_target_path: true

            logout:
              path:   /logout
              target: /index

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }

And here is the Symfony Debug log:

Uncaught PHP Exception Symfony\Component\Security\Core\Exception\AccessDeniedException: "Access Denied." at C:\xampp\htdocs\aimer-mvc\vendor\symfony\security\Http\Firewall\AccessListener.php line 68

Please help me. Thank you so much!


Answer 1:


If you want to test your app with admin / admin123, you have to allow the in_memory provider in your firewall:

Only for http_basic:

security:

    encoders:
        App\Entity\User:
            algorithm: bcrypt
    providers:
        our_db_provider:
            entity:
                class: App\Entity\User
        in_memory:
            memory:
                users:
                    admin:
                        password: admin123
                        roles: 'ROLE_ADMIN'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern:    ^/
            http_basic:
                provider: in_memory
            provider: our_db_provider
            form_login:
              login_path: login
              check_path: login
              default_target_path: index
              always_use_default_target_path: true

            logout:
              path:   /logout
              target: /index

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }

For form_login as well:

security:

    encoders:
        App\Entity\User:
            algorithm: bcrypt
    providers:
        both_providers:
            chain:
                providers: [in_memory, our_db_provider]
        our_db_provider:
            entity:
                class: App\Entity\User
        in_memory:
            memory:
                users:
                    admin:
                        password: admin123
                        roles: 'ROLE_ADMIN'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern:    ^/
            http_basic: ~
            provider: both_providers
            form_login:
              login_path: login
              check_path: login
              default_target_path: index
              always_use_default_target_path: true

            logout:
              path:   /logout
              target: /index

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }

See https://symfony.com/doc/current/security/multiple_user_providers.html for examples...
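
An added example, not part of the original answer or of Symfony's own documentation: the chain-provider configuration from the answer with the in-memory admin password stored as a bcrypt hash instead of plaintext. It assumes Symfony 4's `encoders` syntax; the password value is a placeholder to be replaced with the output of `php bin/console security:encode-password`, and `cost: 12` is an illustrative choice.

```yaml
# config/packages/security.yaml (added example, Symfony 4 syntax)
security:
    encoders:
        App\Entity\User:
            algorithm: bcrypt
        # The memory provider builds Symfony\Component\Security\Core\User\User
        # objects, so that class needs its own encoder entry.
        Symfony\Component\Security\Core\User\User:
            algorithm: bcrypt
            cost: 12   # illustrative work factor
    providers:
        both_providers:
            chain:
                providers: [in_memory, our_db_provider]
        our_db_provider:
            entity:
                class: App\Entity\User
        in_memory:
            memory:
                users:
                    admin:
                        # Placeholder, not a real hash. Generate one with:
                        #   php bin/console security:encode-password
                        password: '<BCRYPT_HASH_OF_ADMIN_PASSWORD>'
                        roles: 'ROLE_ADMIN'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern: ^/
            http_basic: ~
            # Both login methods look users up in memory first, then in the database.
            provider: both_providers
            form_login:
                login_path: login
                check_path: login
                default_target_path: index
                always_use_default_target_path: true
            logout:
                path: /logout
                target: /index

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }
```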



Source: https://stackoverflow.com/questions/50689137/symfony-4-cannot-access-admin-roles-access-denied
