【发布时间】:2014-11-10 13:30:27
【问题描述】:
我使用 Symfony2.3 及其内置的PDOSessionHandler 工具在数据库中存储会话。出于某种原因,似乎每个请求都会将多个会话写入数据库,因此,我无法登录。这是我的 PDO 会话配置:
parameters:
pdo.db_options:
db_table: Session
db_id_col: id
db_data_col: session_value
db_time_col: session_time
services:
pdo:
class: PDO
arguments:
dsn: "mysql:host=%database_host%;port=%database_port%;dbname=%database_name%"
user: %database_user%
password: %database_password%
calls:
- [ setAttribute, [3, 2] ] # \PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION
session.handler.pdo:
class: Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler
arguments:
- "@pdo"
- "%pdo.db_options%"
假设我以匿名用户的身份向https://acme.mybundle.com/app_dev.php 发出一个 GET 请求。然后这是我在Session 表中看到的输出示例:
+----+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------+
| id | session_value | session_time |
+----+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------+
| 1 | X3NmMl9hdHRyaWJ1dGVzfGE6MTp7czozNDoiX3NlY3VyaXR5LnNlY3VyZWRfYXJlYS50YXJnZXRfcGF0aCI7czozODoiaHR0cHM6Ly9hbGxlbmNvLmRldi5hdmF0YXJuZXd5b3JrLmNvbS8iO31fc2YyX2ZsYXNoZXN8YTowOnt9X3NmMl9tZXRhfGE6Mzp7czoxOiJ1IjtpOjE0MTU2MjU4ODQ7czoxOiJjIjtpOjE0MTU2MjU4ODQ7czoxOiJsIjtzOjE6IjAiO30= | 1415625884 |
| 2 | X3NmMl9hdHRyaWJ1dGVzfGE6MDp7fV9zZjJfZmxhc2hlc3xhOjA6e31fc2YyX21ldGF8YTozOntzOjE6InUiO2k6MTQxNTYyNTg4NDtzOjE6ImMiO2k6MTQxNTYyNTg4NDtzOjE6ImwiO3M6MToiMCI7fQ== | 1415625884 |
+----+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+--------------+
如果您需要,这是我的security.yml 文件:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
Acme\MyBundle\Entity\User: sha512
providers:
main:
id: acme.user.provider
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login_firewall:
pattern: ^/login$
security: false
secured_area:
pattern: ^/
form_login: ~
logout:
path: /logout
target: /
access_control:
- { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
- { path: ^/, roles: ROLE_USER, requires_channel: https }
经过 1-5 次尝试后,我通常能够登录,并且不会为任何未来的请求创建更多会话。最后,我们的服务器在相关的情况下位于代理后面。有谁知道为什么要在每个请求上写入多个会话?谢谢!
【问题讨论】: