[FLOW3-general] Problem with authenticateAction
Markus Goldbeck
mgoldbeck at cross-content.com
Thu Sep 29 09:37:24 CEST 2011
Hello everyone,
I have got some problems with the authentication. I would like to have a
login in the Standard Controller, so you have to login to get any
further on the site. I used the "authenticateAction" and the settings
from the Blogexample.
The routing is defined and the "authenticateAction" is called in the
StandardController. After sending the form with the right Login data I'm
landing on the redirected site with the error Message "Access denied!".
A CSRF-Token is generated.
When I'm using a false Login I land on the same page. But here I would
expect the Exeption in the StandardController after a false Login.
Furthermore I would expect that after Login with the right data as an
Admin and an redirect on the StandardController that I would get the
message form the ViewHelper "<f:security.ifHasRole role="Admin">"
Can anybody give me some hint please where my problem is to solve.
Best Regards
Markus
//Login Form
<f:security.ifHasRole role="PartnerMaster">
I am an Partner Master
</f:security.ifHasRole>
<f:security.ifHasRole role="Admin">
I am an Admin
</f:security.ifHasRole>
<div id="loginscreen">
<h1>Anmeldung</h1>
<p><f:flashMessages class="flashmessages" /></p>
<f:form action="authenticate" method="post">
Login:
<input type="text" id="username"
name="__authentication[TYPO3][FLOW3][Security][Authentication][Token][UsernamePassword][username]"
value="" tabindex="1" />
Password:
<input type="password" id="password"
name="__authentication[TYPO3][FLOW3][Security][Authentication][Token][UsernamePassword][password]"
value="" tabindex="2" />
<input type="submit" value="Login" tabindex="3" />
</f:form>
</div>
//StandardController
/**
* @inject
* @var \TYPO3\FLOW3\Security\Authentication\AuthenticationManagerInterface
*/
protected $authenticationManager;
public function authenticateAction() {
try {
$this->authenticationManager->authenticate();
$this->redirect('index', 'Projekt');
} catch
(\TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException
$exception) {
$this->flashMessageContainer->add('Wrong username or
password.');
throw $exception;
}
}
//Policy.yaml
resources:
methods:
MBS_SUPortal_Projekt:
'method(MBS\SUPortal\Controller\ProjektController->(index|new)Action())'
MBS_SUPortal_Angebot: 'class(MBS\SUPortal\Controller\Angebot\.*)'
MBS_SUPortal_Rechnung: 'class(MBS\SUPortal\Controller\Rechnung\.*)'
MBS_SUPortal_Restricted: 'class(MBS\SUPortal\Controller\User\.*)'
roles:
Admin: []
PartnerMaster: []
acls:
Admin:
methods:
MBS_SUPortal_Projekt: GRANT
MBS_SUPortal_Restricted: GRANT
MBS_SUPortal_Angebot: GRANT
MBS_SUPortal_Rechnung: GRANT
PartnerMaster:
methods:
MBS_SUPortal_Angebot: GRANT
MBS_SUPortal_Angebot: GRANT
MBS_SUPortal_Rechnung: GRANT
//Routes.yaml
-
name: 'Authentication'
uriPattern: 'authenticate'
defaults:
'@package': MBS.SUPortal
'@controller': Standard
'@action': authenticate
//Settings.yaml
--
FLOW3:
security:
authentication:
providers:
DefaultProvider:
providerClass: PersistedUsernamePasswordProvider
More information about the FLOW3-general
mailing list