I have two firewalls, "admin" and "client", in my Symfony2 project. They both use the same entity provider.
The problem I'm having is that when I log out of one firewall, I'm logged out of the other as well. I'd prefer this not to be the case.
Is there something wrong with my implementation or strategy? I did play around with the idea of having one firewall and managing access to the admin and client areas via user roles. However, this doesn't avoid the logout scenario I described above.
Below is my security.yml (a bit simplified).
    admin:
        pattern: ^/admin
        form_login:
            provider: acme_userbundle
            login_path: admin_login
            check_path: admin_security_check
        logout:
            path: admin_logout
            target: admin_login
        anonymous: false
    client:
        pattern: ^/client
        form_login:
            provider: acme_userbundle
            login_path: client_login
            check_path: client_security_check
        logout:
            path: client_logout
            target: client_login
        anonymous: false
The solution is to add the following configuration line:
invalidate_session: false
(Reference: http://symfony.com/doc/current/reference/configuration/security.html)
That line should be added to the logout configuration block of every firewall. This way, when you log out from one of them, the session won't be destroyed, and you will be kept logged in on the other ones.
    security:
        # ...
        firewalls:
            # ...
            admin:
                pattern: ^/admin
                # ...
                logout:
                    path: admin_logout
                    # ...
                    invalidate_session: false # This line should do the trick!
                # ...
            client:
                pattern: ^/client
                # ...
                logout:
                    path: client_logout
                    # ...
                    invalidate_session: false # This line should do the trick!
                # ...
The following solution worked in Sf 2.0.x, but I'm not sure it is still useful...
When you log in, you are identified with your session and a security entry is created for each firewall, named as 'security_'. So, in your case, to log out from the client area, you can achieve it with:
    // $session is Session service from container
    $session->remove('security_client');
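The behaviour both answers rely on, as an added example that is not part of either answer and is not Symfony code: a simplified model of one session shared by two firewalls, comparing a logout that invalidates the session with one that only removes that firewall's entry. The function names, the `cart` entry and the user name are hypothetical, and the key prefix is taken from the second answer's snippet.

```php
<?php
// Simplified model of a session shared by two firewalls (not Symfony code).
// Assumption: each firewall keeps its token under its own session key, as the
// second answer describes; the prefix below is copied from that answer.
const KEY_PREFIX = 'security_';

function login(array $session, string $firewall, string $user): array
{
    $session[KEY_PREFIX . $firewall] = $user;
    return $session;
}

// Model of a firewall logout. With $invalidateSession = true the whole
// session is discarded; with false only this firewall's entry is removed.
function logout(array $session, string $firewall, bool $invalidateSession): array
{
    if ($invalidateSession) {
        return [];
    }
    unset($session[KEY_PREFIX . $firewall]);
    return $session;
}

function isAuthenticated(array $session, string $firewall): bool
{
    return isset($session[KEY_PREFIX . $firewall]);
}

// Constructed sample state: the same user logged in to both areas, plus
// unrelated application data stored in the same session.
$session = ['cart' => ['sku-1']];
$session = login($session, 'admin', 'alice');
$session = login($session, 'client', 'alice');

$securityKeys = [KEY_PREFIX . 'admin', KEY_PREFIX . 'client'];
foreach ([true, false] as $invalidate) {
    $after = logout($session, 'client', $invalidate);
    printf(
        "invalidate_session=%s admin=%s client=%s other_keys=[%s]\n",
        var_export($invalidate, true),
        var_export(isAuthenticated($after, 'admin'), true),
        var_export(isAuthenticated($after, 'client'), true),
        implode(',', array_diff(array_keys($after), $securityKeys))
    );
}
```

In the second case the `cart` entry is still in the session after the client logout, so any sensitive data the application keeps in the session has to be cleared explicitly when `invalidate_session: false` is used.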