Closed lukeman83 closed 11 years ago
@sdiaz...can you help me? Please!
I am facing the same issue. What was the resolution?
I can authenticate, and get all users with x-wsse header string. But I cant register a new user. Just keeps giving me a 403 Forbidden error.
My app/config/security.yml
security:
encoders:
FOS\UserBundle\Model\UserInterface: plaintext #sha512
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
wsse_secured:
pattern: ^/api/.*
stateless: true
wsse:
nonce_dir: null
lifetime: 5184000
provider: fos_userbundle
anonymous: true
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
access_control:
- { path: ^/api/, role: IS_AUTHENTICATED_ANONYMOUSLY }
role_hierarchy:
ROLE_WEBUSER: ROLE_USER
ROLE_DEVELOPER: [ROLE_WEBUSER, ROLE_ALLOWED_TO_SWITCH]
Hi, my firewall properties are:
firewalls: wsse_secured: pattern: ^/api/.* stateless: true wsse: nonce_dir: null lifetime: 5184000 provider: fos_userbundle anonymous: false I try to use my api in this way:
First I do a POST request:
localhost/project/web/app_dev.php/security/token/create?_username=a@a.it&_password=aaa
HEADERS:
Accept : application/json Content-Type : application/x-www-form-urlencoded
I receive response 200 OK: BODY: { "WSSE":"UsernameToken Username=\"a@a.it\", PasswordDigest=\"R82hdPWyV3PoTliW5O1aoSkKRZk=\", Nonce=\"YmUwZDVhNDliNzZiM2QzZA==\", Created=\"2013-05-23T07:57:03+02:00\"" }
After I call my api with a GET request:
localhost/project/web/app_dev.php/api/something
HEADERS:
Authorization : WSSE profile="UsernameToken" X-wsse : UsernameToken Username=\"a@a.it\", PasswordDigest=\"R82hdPWyV3PoTliW5O1aoSkKRZk=\", Nonce=\"YmUwZDVhNDliNzZiM2QzZA==\", Created=\"2013-05-23T07:57:03+02:00\" ACCEPT : application/json
I receive response 403 FORBIDDEN.
What is the error?