3

On a Symfony project, I would return sometime an access denied Exception (403 code). I am doing this through Ajax. But the Exception return a 302 code with the FOS Bundle login page in location.

I isolated the issue on a test function and a test ajax:

PHP

  /**
     * @Route("/test")
     * @Method("POST")
     */
     public function testAction() {
        throw $this->createAccessDeniedException();
     }

JS

$.post('/test');

This Ajax call return a 302 code and redirect to login page (in response)

How can I solve this "bug"?

EDIT

I add the security.yml

main:
        pattern:        ^/
        anonymous:      true
        provider:       main
        form_login:
            login_path: fos_user_security_login
            check_path: fos_user_security_check
        logout:
            path:       fos_user_security_logout
            target:     /
        remember_me:
            secret:        %secret%

Thanks in advance

Thomas Dupont
  • 417
  • 6
  • 20
  • 1
    You need a simple `kernel.request` listener. Have a look at [this answer](http://stackoverflow.com/a/31413099/1832745) for an example of the listener-class, service-configuration, ... – Nicolai Fröhlich Nov 01 '16 at 09:17
  • Or use a custom `AccessDeniedHandler` as described [here](http://stackoverflow.com/questions/9166930/using-symfony2s-accessdeniedhandlerinterface/9182954#9182954) – Nicolai Fröhlich Nov 01 '16 at 09:21
  • Thanks but this answer is a patch. I could put a kind of false in the return and a condition in JS too but it's not a good practice (of my point of view). And I don't understand the source of the issue – Thomas Dupont Nov 01 '16 at 10:02
  • If returns 302 code to login page then this path is protected by firewall and the user is not authenticated, checks this in your `security.yml` – yceruto Nov 01 '16 at 12:21
  • Yonel, Thanks I add the security.yml – Thomas Dupont Nov 01 '16 at 12:49

0 Answers0