I am trying to implement functionality in Symfony2 Remember Me login.
I have this configuration file security.yml
security:
firewalls:
frontend:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
default_target_path: /index
success_handler: authentication_handler
logout:
path: /logout
target: /login
success_handler: authentication_handler
security: true
remember_me:
key: "%secret%"
lifetime: 120
path: /
access_denied_handler: accessdenied_handler
#primero deben de ir los usuarios anonimos si no se entra en loop redirect
access_control:
- { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/js, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_A }
- { path: ^/nuevoinforme, roles: ROLE_M }
- { path: ^/, roles: IS_AUTHENTICATED_REMEMBERED }
providers:
user_db:
entity: { class: miomioBundleEntityEmpleado, property: username }
role_hierarchy:
ROLE_M: ROLE_U
ROLE_A: ROLE_U
encoders:
miomioBundleEntityEmpleado: { algorithm: sha1 }
SymfonyComponentSecurityCoreUserUser: plaintext
When I login, the cookie is properly stored on the client. However, after 120 seconds, while trying to access another URL, it still considers the client as logged-in while I expect it to be logged out and therefore I expect the client to be redirected to /login.
How can I fix this issue?
See Question&Answers more detail:os
