This is my first Symfony 2 application and I am trying to log out the currently logged-in user.
This is my app/config/security.yml:
security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
        in_memory:
            memory:
                users:
                    user0: { password: user0, roles: [ 'ROLE_ADMIN' ] }
                    user1: { password: user1, roles: [ 'ROLE_SUPER_ADMIN' ] }
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/demo/secured/login$
            security: false
        secured_area:
            pattern: ^/
            logout: ~
            anonymous: ~
            http_basic:
                realm: "Secured Area"
    access_control:
        - { path: ^/question/*, roles: ROLE_ADMIN }
        - { path: ^/questiongroup/*, roles: ROLE_ADMIN }
        - { path: ^/answer/*, roles: ROLE_ADMIN }
        - { path: ^/newslettertemplate/*, roles: ROLE_ADMIN }
        - { path: ^/customer/*, roles: ROLE_SUPER_ADMIN }
        - { path: ^/statistics/*, roles: ROLE_SUPER_ADMIN }
I have created the logout entry in the routing.yml as described in the Symfony security documentation:
logout:
    path: /logout
When I create a link to the "logout" I do get redirected to the "/", which is OK. But the user is still authenticated, meaning the actual logout did not work.
Logout in Symfony2 is handled by a so-called logout handler, which is just a listener that is executed when the URL matches the pattern from the security configuration, i.e. if the URL is, let's say, /logout, then this listener is executed. There are two built-in logout handlers: CookieClearingLogoutHandler which simply clears all cookies.
Symfony provides many tools to secure your application. Some HTTP-related security tools, like secure session cookies and CSRF protection are provided by default.
It doesn't work with HTTP Basic Authentication because the browser remembers your credentials and sends them with each request. You can do nothing about this on the server side.
I believe eventually you're going to switch to the form based login. The logout feature will work like it's supposed to when you do.
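The switch to form-based login suggested above, sketched as configuration. This is an added example, not part of the original answer; the /login and /login_check paths and the AppBundle:Security:login controller are assumptions.

```yaml
# app/config/security.yml (only the firewall and access_control parts change)
security:
    firewalls:
        secured_area:
            pattern:   ^/
            anonymous: ~
            # form_login replaces http_basic: the authenticated token is kept in
            # the server-side session instead of being re-sent by the browser on
            # every request, so the server can actually end the login.
            form_login:
                login_path: /login        # assumed path of the login form
                check_path: /login_check  # assumed path the form posts to
            logout:
                path:   /logout           # matches the logout route from the question
                target: /                 # where the user lands after logout
                invalidate_session: true  # default: the session is dropped on logout

    access_control:
        # the login form itself must stay reachable for anonymous users
        - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/question/, roles: ROLE_ADMIN }
        # ... remaining rules from the question unchanged

# app/config/routing.yml
login:
    path: /login
    # hypothetical controller that renders the login form
    defaults: { _controller: AppBundle:Security:login }
login_check:
    path: /login_check   # no controller: the firewall intercepts this request
logout:
    path: /logout        # no controller: the firewall intercepts this request
```

After this change, a request to /logout should be followed by a redirect to /login when a protected path such as /question/ is opened again, which is the check that the logout took effect.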