Symfony2 in_memory users provider issue

I have a Symfony2 application that loads users from in_memory user provider. The security.yml is the following:

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        in_memory:
            users:
                admin: { password: mypassword, roles: [ 'ROLE_ADMIN' ] }

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern:  ^/demo/secured/login$
            security: false

        secured_area:
            pattern:    ^/
            anonymous: ~
            http_basic:
                realm: "MyApp Realm - Login"

    access_control:
        #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        #- { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
        - { path: ^/subscription/show, roles: ROLE_ADMIN }
        - { path: ^/send, roles: ROLE_ADMIN }

In my local development environment (a MacBook Pro) this configuration works as expected. When I go to the routes _/send_ or _/subscription/show_, Symfony asks me to log in, and if I enter the credentials admin and mypassword I can view the pages correctly.

But in the production environment (a Debian server) I have to log in to see those routes, but the same username and password don't work! The HTTP basic authentication login prompt never goes away! I can't understand.

Why doesn't that configuration work? And above all, why does it work in my local environment but not in the production environment?

I also saw a question that I suppose is related: Symfony2 plaintext users don't work. I already tried all the suggestions listed there, but none of them solved the problem.

Manuele Menozzi asked Nov 23 '12 14:11


1 Answer

Solved!

The problem was that the production environment runs PHP in FastCGI, and with such a configuration you have to add the following line to .htaccess in order to have HTTP basic authentication via PHP working:

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

Bye!

Manuele Menozzi answered Sep 22 '22 06:09
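
Why the login prompt keeps coming back under FastCGI, as an added example (not part of the original answer, and not Symfony's own code): the hypothetical helper `resolveBasicAuth()` is run over constructed `$_SERVER` arrays to show where Basic credentials become visible to PHP in each setup. It assumes PHP 7.1 or later.

```php
<?php
// Added diagnostic sketch; resolveBasicAuth() is a hypothetical helper.
// Returns the user name and the variable it came from, or null when no
// usable Basic credentials reached PHP.
function resolveBasicAuth(array $server): ?array
{
    // mod_php decodes the header itself and fills PHP_AUTH_USER / PHP_AUTH_PW.
    if (isset($server['PHP_AUTH_USER'])) {
        return ['user' => $server['PHP_AUTH_USER'], 'source' => 'PHP_AUTH_USER'];
    }
    // Under FastCGI the header only arrives if the RewriteRule copied it into
    // the environment; Apache prefixes the variable with REDIRECT_ after an
    // internal redirect.
    foreach (['HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION'] as $key) {
        $value = $server[$key] ?? '';
        if (stripos($value, 'basic ') !== 0) {
            continue; // variable absent, or a scheme other than Basic
        }
        $decoded = base64_decode(substr($value, 6), true);
        if ($decoded === false || strpos($decoded, ':') === false) {
            continue; // malformed value: treat as missing
        }
        // Split on the first colon only, since a password may contain ':'.
        [$user] = explode(':', $decoded, 2);
        return ['user' => $user, 'source' => $key];
    }
    return null;
}

// Constructed sample environments (not captured from a real server).
$header = 'Basic ' . base64_encode('admin:mypassword');
$cases = [
    'mod_php'                          => ['PHP_AUTH_USER' => 'admin', 'PHP_AUTH_PW' => 'mypassword'],
    'FastCGI, no RewriteRule'          => ['REQUEST_URI' => '/send'],
    'FastCGI, with RewriteRule'        => ['HTTP_AUTHORIZATION' => $header],
    'FastCGI, after internal redirect' => ['REDIRECT_HTTP_AUTHORIZATION' => $header],
];

foreach ($cases as $label => $server) {
    $found = resolveBasicAuth($server);
    // Report only the user name and its source; never print the password.
    $status = $found
        ? "user={$found['user']} via {$found['source']}"
        : 'no credentials visible to PHP, so the 401 prompt repeats';
    printf("%-34s %s\n", $label, $status);
}
```

The second case matches the production symptom: the browser sends the credentials on every request, but PHP never sees them, so the application answers with another 401.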