zend-frameworkzend-framework2aclzfc-rbac

How to redirect an unauthorized user to the 403 page


I am using ZendFramework2 with zfc-user and ZfcRbac for authorization and access control. I have setup everything to work with database managed role. Now when a user navigate to an un-authorized page, I am getting the error page You are not authorized to access this resource which is thrown by ZfcRbac

Actually I have configured in my zfc-rbac.global.php to redirect to the 403 page. my settings are below.

ZfcRbac\Exception\UnauthorizedException

--

'unauthorized_strategy' => [
     'template' => 'error/403'
],

How do I send the user to 403 page?

EDIT

The right answer is to attach the UnauthorizedStrategy in the onBootstrap

$t = $e->getTarget();
$t->getEventManager()->attach(
    $t->getServiceManager()->get('\ZfcRbac\View\Strategy\UnauthorizedStrategy')
);

Solution

  • ZfcRbac per default doesn't do anything but throw the exception. The power of ZfcRbac then lies within it's many, many customizable features. The one you should be looking at is found under the Documentation-Section "Strategies".

    In short