
Symfony2 - Logging out of one firewall

I have two firewalls, "admin" and "client", in my Symfony2 project. They both use the same entity provider.

The problem I'm having is that when I log out of one firewall, I'm logged out of the other as well. I'd prefer this not to be the case.

Is there something wrong with my implementation or strategy? I did play around with the idea of having one firewall and managing access to the admin and client areas via user roles. However, this doesn't avoid the logout scenario I described above.

Below is my security.yml (a bit simplified).

    admin:
        pattern: ^/admin
        form_login:
            provider:      acme_userbundle
            login_path:    admin_login
            check_path:    admin_security_check
        logout:
            path:   admin_logout
            target: admin_login
        anonymous: false

    client:
        pattern: ^/client
        form_login:
            provider:      acme_userbundle
            login_path:    client_login
            check_path:    client_security_check
        logout:
            path:   client_logout
            target: client_login
        anonymous: false
antony asked Jun 16 '13 03:06


2 Answers

Solution

The solution is to add the following configuration line:

    invalidate_session: false

(Reference: http://symfony.com/doc/current/reference/configuration/security.html)

That line should be added to the logout configuration block of every firewall. This way, when you log out from one of them, the session won't be destroyed, and you will be kept logged in on the other ones.

Example

    security:
        # ...
        firewalls:
            # ...
            admin:
                pattern: ^/admin
                # ...
                logout:
                    path:   admin_logout
                    # ...
                    invalidate_session: false # This line should do the trick!
                # ...

            client:
                pattern: ^/client
                # ...
                logout:
                    path:   client_logout
                    # ...
                    invalidate_session: false # This line should do the trick!
                # ...
pagliuca answered Sep 24 '22 06:09
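
With `invalidate_session: false` the session id and any non-security session attributes survive a logout, so a logout handler can do the per-firewall cleanup instead. The following is an added example, not code from the question or the answers; it assumes the Symfony 2.1+ session API, and the class name, namespace, service id and the `admin.` attribute prefix are hypothetical.

```php
<?php
// Added example (not from the original page). Hypothetical names:
// Acme\UserBundle\Security, FirewallScopedLogoutHandler, "admin." prefix.
//
// Wiring (service id "acme_user.logout.admin" is an assumption):
//   logout:
//       path:               admin_logout
//       invalidate_session: false
//       handlers:           [acme_user.logout.admin]
namespace Acme\UserBundle\Security;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface;

class FirewallScopedLogoutHandler implements LogoutHandlerInterface
{
    /** @var string Prefix of the session attributes owned by this area. */
    private $attributePrefix;

    public function __construct($attributePrefix)
    {
        $this->attributePrefix = $attributePrefix;
    }

    public function logout(Request $request, Response $response, TokenInterface $token)
    {
        $session = $request->getSession();
        if (null === $session) {
            return; // no session was started, nothing to clean up
        }

        // Remove only the attributes this area stored; entries that belong
        // to the other firewall are left in place, so it stays logged in.
        foreach (array_keys($session->all()) as $name) {
            if (0 === strpos($name, $this->attributePrefix)) {
                $session->remove($name);
            }
        }

        // Issue a new session id and delete the old one. The remaining data
        // is carried over, but the id used before logout stops being valid.
        $session->migrate(true);
    }
}
```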


The following solution worked in Sf 2.0.x, but I'm not sure it is still useful...

When you log in, you are identified with your session and a security entry is created for each firewall, named as 'security_'. So, in your case, to log out from the client area, you can achieve it with:

    // $session is the Session service from the container
    $session->remove('security_client');
AlterPHP answered Sep 23 '22 06:09