rest - Is CSRF token the cause for not be able to get authentificated in CURL command? -


The FOSSTBundle is fully working in my project but without authentication. Now, my goal is to make my requests with auth.

To do this, I have added this firewall to security.yml 

  firewall: # ... main: Pattern: / Form_login: Provider: fos_userbundle remember_me: True login_path: / login check_path: / login_check default_target_path: minn_ads_default_index csrf_provider: form.csrf_provider Remember: key:% secret% rest_api: Pattern: ^ / api / stateless: true http_basic: Provider: fos_userbundle # ... access_control: # .. In order to check the certification in the curl order, I tried this command:  
 
   
 code> curl -i \ -H 'accept: application / js '\' H: Authority: Basic DG9UXxxJoxMJM 0 '\ http: //localhost/tuto/app_dev.php/api/test/1   
 Where  dG9uaXZkdjoxMjM0 = encode_base64 (' tonivdv : 1234 ')   
 The result is:  
  HTTP / 1.1 302 found Date: Fri, 11 April 2014 13:56:08 GMT Server: Apache / 2.2.22 (Ubuntu) By X-Power: PHP / 5.4.9-4ubuntu2.4 Set-Cookie: PHPSE SSID = 4dtr168vmj1eg523a07kbkjkh1; Path = / cache-control: no-cache location: http: //localhost/tuto/web/app_dev.php/login variant: acceptable-language x-debug-token: 220df7 transfer-encoding: checked content-type: application / Jason & lt ;! DOCTYPE html & gt; & Lt; Html & gt; & Lt; Top & gt; & Lt; Meta http-equiv = "content-type" content = "text / html; charset = UTF-8" /> & Lt; Meta http-equiv = "refresh" content = "1; url = http: //localhost/tuto/web/app_dev.php/login" /> & Lt; Title & gt; Http: //localhost/tuto/web/app_dev.php/login< / Title & gt; Redirecting to; & Lt; / Head & gt; & Lt; Body & gt; & Lt; a href = "http: //localhost/tuto/web/app_dev.php/login" & gt; Http: //localhost/tuto/web/app_dev.php/login< / A & gt; Redirect to. & Lt; / Body & gt; & Lt; / Html & gt;   
 So I am thinking that CSRF token  FOSUserBandal  is due to not being authenticated in curl order?  
 
 OK, your rest_api firewall will never be used because it happens after the main firewall Which will always match. This means that your API is protected through Stuttgable Form_Login Aith, not via http_basic.  
  Firewall: rest_api: pattern: ^ / api / stateless: true http_basic: Provider: fos_userbundle main: pattern: ^ / Form_login: Provider: fos_userbundle remember_me: true login_path: / login check_path: / login_check Default_target_path: minn_ads_default_index csrf_provider: form.csrf_provider Remember: key:% secret% access_control: # ... - {path: ^ / api /, role: IS_AUTHENTICATED_FULLY}

Comments

Post a Comment

Popular posts from this blog

Java - Error: no suitable method found for add(int, java.lang.String) -

I'm in the middle of homework work and I'm stuck. At this point in my code, I think that I should have a GUI window that opens and allows me to type "inserted text number". Notice is not going anywhere but at this point, If I pass through the problem then it will be in a linked list. I am getting two of the same error for the lines. Add (index, element); And I can not seem to get past it, there is no suitable method for the error "add (int, java. string string)". Code is below, please advise. To clarify - this will not be a method error because it is a linked list. There should not be any way involved. import java.awt. *; Import java.awt.event. *; Import javax.swing. *; Import java.util. *; Import java.util.Scanner; Import java.util.LinkedList; Public class TopTenList JFrame {Private TopTenList tt; See the Private JTextArea list; Private JTextField cmdTextField; Private JTextField resultsTestfield; // This GUI window is the code for the public toptist...
Read more

java - JPA TypedQuery: Parameter value element did not match expected type -

I am using JPA 2.0 and getting the following code in the DAO layer: Public Zero Test () {string key = "status"; String [] Conditions = {"A", "B"}; & Lt; TestTable & gt; Results = Search (Keys, Conditions); } Public listing & lt; TestTable & gt; Search (string key, object value error) {string sql = "test ndf to testlet and jade nand." + Key + "in:" + key; TypedQuery & LT; TestTable & gt; Query = entityManager.createQuery (SQL, TestTable.class); Query.setParameter (key, Arrays.asList (valueArr)) / *** Error Line *** Return query.getResultList (); } In the above error line, it throws the following exception: java.lang.IllegalArgumentException: parameter value element [[Ljava.lang.String; @ cbe5bc] did not match the expected type [java.lang.String] Why is this expected type string while actually this string []? Please help! Note: This is derived from the normal routine and is a simplified code. I can no...
Read more

c++ - static template member variable has internal linkage but is not defined -

Yes, I know, there is a question with almost the same title, but it refers to a different situation. Error message) In my case, I have a .cpp file with a big named designation name (implementation details). There is a property class template with a static data member in that name space, which I need to access from outside the unknown namespace. I give it a little bit of meat: file.hpp namespace Bar {template & lt; Typename A & gt; Struct foo {static_assert (is_same & lt; a, float & gt; :: value} is_same & lt; a, double>: value, ""); Fixed zero set_static_var (a const & x); // ...}; } and file.cpp namespace {template & lt; Typename A & gt; Struct foo_traits {// supports the implementation of several static code bars: foo & lt; & Gt; Fixed A data; }; The template's & lt; & Gt; Float foo_traits & lt; Float & gt; :: datum; // No change if this is in the global namespace template & lt; & Gt; Doub...
Read more