Closed personman closed 11 years ago
I'll have to look further into this, but I think it is because the UnauthorizedStrategy should not run for routing errors (see here).
I inspected the value of $event->getError()
in the block of code you mentioned. It equals
'error-unauthorized-controller'
So, the issue is prior to that. I tinkered with the onDispatch()
method in the guard controller, but I wasn't able to get this to behave like I want.
@personman error-unauthorized-controller
happens after routing. Is your 404 related to routing or to controller mismatch?
@Ocramius It was the latter. I have a segment route that can match any controller: '/[:controller[/:action[/:id]]]'
. I think that's the source of my issue. So, for a non-existent url like "/notreal", routing is successful, then bjyauthorize does its thing, and only later does the app learn that there's no controller called "notreal." I'm thinking of ditching that general route anyway. Sorry if this was just a false alarm.
@personman I'm going to close this then: a correct match on a controller would have resulted in a 403 anyway if not configured first ;)
I'm getting the module to function and I'm very grateful for the work that has gone into making and sharing it. Well done. But I'd like to mention one issue. Once I got the module set up, any url that would have reached a 404 not found error page is now showing a 403 forbidden page. I could implement my own UnauthorizedStrategy, but I'd like to request that existing 404 handling remain in effect by default.
Here's my config, just in case this issue is the result of me doing something wrong: