[Flow] Problem with HttpBasic auth

Mathis Hoffmann mathis at hoffpost.de
Sat Aug 10 13:01:47 CEST 2013 

Hello again,

I just try to enable HttpBasic-Auth for my app. I have come so far that 
my browser displays the login-window and I have created an account (that 
I can find in the database). But entering the security credentials does 
not affect anything. After a short time the windows comes up again.

My configuration is as follows:

Settings.yaml:
TYPO3:
   Flow:
     security:
       enable: TRUE
       authentication:
         authenticationStrategy: oneToken
         providers:
           DefaultProvider:
             provider: PersistedUsernamePasswordProvider
             tokenClass: UsernamePasswordHttpBasic
             entryPoint: HttpBasic
             entryPointOptions:
               realm: 'Bitte einloggen'

Policy.yaml:
roles:
   User: []

resources:
   methods:
     allControllerMethods: 'method(HdM\Accounting\Controller\.*->.*())'

alcs:
   User:
     methods:
       allControllerMethods:   GRANT

I created the account with this snipped:
         $identifier = 'mathis';
         $password = 'secret';
         $roles = array('HdM.Accounting:User');
         $account = 
$this->accountFactory->createAccountWithPassword($identifier, $password, 
$roles);
         $this->accountRepository->add($account);

I also tried setting the provider explicitly while creation which had no 
effect:
     $account = 
$this->accountFactory->createAccountWithPassword($identifier, $password, 
$roles, 'PersistedUsernamePasswordProvider');

In the database I find the following entry:
7ffc2fbe-18ad-03c5-528b-49dbbf944fd5, , mathis, DefaultProvider, 
bcrypt=>$2a$14$5sb1X5DlX6BHmBBonlCxIO4t0VbcLIgNaT9rVkOBuQcz4AOaSftiW, 
2013-08-10 11:49:14,

Can anyone tell me what I could do to get authentication work?

In the security log I find:
13-08-10 12:44:13 1575       127.0.0.1      INFO Flow                 
Starting authentication with entry point of type 
TYPO3\Flow\Security\Authentication\EntryPoint\HttpBasic
13-08-10 12:44:16 1575       127.0.0.1      NOTICE Flow                 
Authentication failed: "Could not authenticate any token. Might be 
missing or wrong credentials or no authentication provider matched." 
#1222204027
13-08-10 12:44:16 1575       127.0.0.1      INFO Flow                 
Starting authentication with entry point of type 
TYPO3\Flow\Security\Authentication\EntryPoint\HttpBasic
... and so on

I'm sure that I enter the credentials correctly. So I think the problem 
is "or no authentication provider matched". But the provider is set 
explicitly in the configuration...

Any ideas?

Cheers
Mathis

More information about the Flow mailing list