无法刷新令牌,因为用户已更改 - Syfmony 4 - LDAP
Cannot refresh token because user has changed - Syfmony 4 - LDAP
我正在尝试使用 symfony 4.2 及其 LdapUserProvider 针对 ldap 服务器进行身份验证,但出现以下错误
[2019-08-09 17:40:52] security.DEBUG: Cannot refresh token because user has changed. {"username":"admin","provider":"Symfony\Component\Security\Core\User\LdapUserProvider"} []
[2019-08-09 17:40:52] security.DEBUG: Token was deauthenticated after trying to refresh it. [] []
[2019-08-09 17:40:52] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2019-08-09 17:40:52] security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\Component\Security\Core\Exception\AccessDeniedException(code: 403): Access Denied.
我发现刷新后的用户密码在ldapProvider中被硬编码为null。然后评估这个刷新的用户不等于令牌用户,这导致用户取消身份验证。
vendor/symfony/security-core/User/LdapUserProvider.php:
public function refreshUser(UserInterface $user)
{
if (!$user instanceof User) {
throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', \get_class($user)));
}
return new User($user->getUsername(), null, $user->getRoles());
}
vendor/symfony/security-http/Firewall/ContextListener.php:
try {
$refreshedUser = $provider->refreshUser($user);
$newToken = clone $token;
$newToken->setUser($refreshedUser);
...
}
我该如何解决这个问题?
谢谢
此问题已在 symfony 4.4 中修复,在
symfony/src/Symfony/Component/Ldap/Security/LdapUserProvider.php
密码不再设置为空
public function refreshUser(UserInterface $user)
{
if (!$user instanceof LdapUser) {
throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', \get_class($user)));
}
return new LdapUser($user->getEntry(), $user->getUsername(), $user->getPassword(), $user->getRoles());
}
我正在尝试使用 symfony 4.2 及其 LdapUserProvider 针对 ldap 服务器进行身份验证,但出现以下错误
[2019-08-09 17:40:52] security.DEBUG: Cannot refresh token because user has changed. {"username":"admin","provider":"Symfony\Component\Security\Core\User\LdapUserProvider"} []
[2019-08-09 17:40:52] security.DEBUG: Token was deauthenticated after trying to refresh it. [] []
[2019-08-09 17:40:52] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2019-08-09 17:40:52] security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\Component\Security\Core\Exception\AccessDeniedException(code: 403): Access Denied.
我发现刷新后的用户密码在ldapProvider中被硬编码为null。然后评估这个刷新的用户不等于令牌用户,这导致用户取消身份验证。
vendor/symfony/security-core/User/LdapUserProvider.php:
public function refreshUser(UserInterface $user)
{
if (!$user instanceof User) {
throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', \get_class($user)));
}
return new User($user->getUsername(), null, $user->getRoles());
}
vendor/symfony/security-http/Firewall/ContextListener.php:
try {
$refreshedUser = $provider->refreshUser($user);
$newToken = clone $token;
$newToken->setUser($refreshedUser);
...
}
我该如何解决这个问题?
谢谢
此问题已在 symfony 4.4 中修复,在
symfony/src/Symfony/Component/Ldap/Security/LdapUserProvider.php
密码不再设置为空
public function refreshUser(UserInterface $user)
{
if (!$user instanceof LdapUser) {
throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', \get_class($user)));
}
return new LdapUser($user->getEntry(), $user->getUsername(), $user->getPassword(), $user->getRoles());
}