You must configure the check path to be handled by the firewall using form_login in your security firewall configuration

Antonio Peric picture Antonio Peric · Jun 1, 2013 · Viewed 28.1k times · Source

i have webservice which is provider for my "regular" users. I want to use FosUserBundle for my administrators. Above is my security configuration. regular users login works with no problem, but when i want to login as admin i got this message:

"You must configure the check path to be handled by the firewall using form_login in your security firewall configuration. "

Here is my security configuration:

security:
encoders:
    Locastic\CustomUserBundle\Security\User\User: plaintext
    FOS\UserBundle\Model\UserInterface: sha512

providers:
    fos_userbundle:
        id: fos_user.user_provider.username_email
    webservice:
        id: locastic.user_provider

firewalls:               
    main:
        pattern: ^/admin
    form_login:
        provider:               fos_userbundle
        login_path:             fos_user_security_login 
        check_path:             fos_user_security_check
        csrf_provider:          form.csrf_provider
        logout:       true
        anonymous:    true
        remember_me:
            key:      "%secret%"
            lifetime: 31536000 # 365 days in seconds
            path:     /
            domain:   ~ # Defaults to the current domain from $_SERVER
    user-service:
        pattern: ^/
        logout:       
          path:   /logout
        anonymous:    true
        webservice-login:
            check_path: /prijava-provjera
            login_path: /prijavi-se
            provider: webservice
            always_use_default_target_path: true
            default_target_path: /stanje-racuna

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, role: ROLE_ADMIN }

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

Answer

zizoujab picture zizoujab · Jun 1, 2013

I think you need to put form_login under a firewall ( either main or add another one )

form_login under main firewall :

firewalls:               
main:
    pattern: ^/admin
    form_login:
        provider:               fos_userbundle
        login_path:             fos_user_security_login 
        check_path:             fos_user_security_check
        csrf_provider:          form.csrf_provider
        logout:       true
        anonymous:    true ....

form_login under another firewall

firewalls:               
    main:
        pattern: ^/admin
    second_firewall:
        pattern: ^/
        form_login:
            provider:               fos_userbundle
            login_path:             fos_user_security_login 
            check_path:             fos_user_security_check
            csrf_provider:          form.csrf_provider
            logout:       true
            anonymous:    true .....