I'm setting up Symfony 4 to create new website, but when I want to login with user, who have multiple role ROLE_USER
and ROLE_ADMIN
, I'm redirected to login page. With just one role ROLE_USER
I can login, How to solve this problem ?
Configuration is PHP 7.2, Symfony 4.2, Web Server Built-in Symfony "server:start". I've tried to change security configuration but nothing change.
security.yaml
security:
encoders:
App\Entity\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secured_area:
# this firewall applies to all URLs
pattern: ^/
# but the firewall does not require login on every page
# denying access is done in access_control or in your controllers
anonymous: ~
# This allows the user to login by submitting a username and password
# Reference: http://symfony.com/doc/current/cookbook/security/form_login_setup.html
form_login:
# fos user bundle handles the form login
#provider: fos_userbundle
# The route name that the login form submits to
check_path: fos_user_security_check
# The name of the route where the login form lives
# When the user tries to access a protected page, they are redirected here
login_path: fos_user_security_login
# Secure the login form against CSRF
# Reference: http://symfony.com/doc/current/cookbook/security/csrf_in_login_form.html
csrf_token_generator: security.csrf.token_manager
logout:
# The route name the user can go to in order to logout
path: fos_user_security_logout
# The name of the route to redirect to after logging out
target: homepage
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/categories, role: ROLE_ADMIN }
- { path: ^/tags, role: ROLE_ADMIN }
- { path: ^/typewords, role: ROLE_ADMIN }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, role: ROLE_ADMIN }
- { path: ^/, role: ROLE_USER }
routes.yaml
controllers:
resource: '../src/Controller/'
type: annotation
fos_user:
resource: "@FOSUserBundle/Resources/config/routing/all.xml"
easy_admin_bundle:
resource: '@EasyAdminBundle/Controller/EasyAdminController.php'
prefix: /admin
type: annotation
I expect to login with another ROLE
than ROLE_USER
.
By hierarchy, a user with ROLE_ADMIN
automatically has the ROLE_USER
. So just remove ROLE_USER
from that user. Not sure how the roles are loaded from the user provider, check also how ROLE_ADMIN
is written in the database or what you use to map the User entity. (Include the mapping file for the user entity for further insight)