following setup:
I have two different login sections for two different users.
The first user is a normal user (Entity: AppBundle:User); the second one is the admin (Entity: AppBundle:Admin).
I have two different login paths, providers, firewalls and encoders. I can log in and log out either as a user or as admin with no problems.
The problem:
If the admin has logged in, I need him to stay in the admin domain and not be able to access the user login. The same goes for the normal user: he must not be able to log in as admin if he is already logged in as a user.
So the problem is that if the admin is logged in, he can still switch to the user login domain and log in as a user; the session will then contain both USER AND ADMIN.
security.yml:
    providers:
        admin_db_provider:
            name: admin_provider
            entity:
                class: AppBundle:Admin
                ...
        user_db_provider:
            name: user_provider
            entity:
                class: AppBundle:User
                ...
    firewalls:
        admin_secured_domain:
            pattern: ^/admin
            anonymous: ~
            provider: admin_provider
            form_login:
                login_path: admin.authentication
                check_path: admin.authentication
                username_parameter: userName
                password_parameter: password
                ...
        user_secured_domain:
            pattern: ^/user
            anonymous: ~
            provider: user_provider
            form_login:
                login_path: user.authentication
                check_path: user.authentication
                username_parameter: userName
                password_parameter: password
                ...
    access_control:
        - { path: ^/user/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    encoders:
        ...
I assume this happens because I use two different providers for the login check.
When I am logged in as a user and access the admin login, I can see in the Symfony profiler that the user switches from "user" to "anon.", and the same goes for the admin: it switches from "admin" to "anon." if I am logged in as admin and access the user login.
I just need to redirect them back to their domain, but I am not able to check the role at this point.
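
Added example, not part of the original post: in Symfony 2.8/3.x each firewall stores its token in the session under `_security_<firewall name>`, which is why the profiler shows "anon." inside the other firewall while the first login is still present in the session. A request listener can look for the other firewall's key on the login paths and redirect; the class name, the `/admin` and `/user` redirect targets and the service registration are assumptions, and the Symfony version is inferred from the configuration above.

```php
<?php
// Added example (not the poster's code). Assumes Symfony 2.8/3.x and the
// firewall names from the security.yml above.
//
// Assumed registration in services.yml. Priority 9 runs the guard before the
// security firewall (priority 8), so a POST to check_path is stopped as well:
//   app.cross_firewall_login_guard:
//       class: AppBundle\EventListener\CrossFirewallLoginGuard
//       tags:
//           - { name: kernel.event_listener, event: kernel.request,
//               method: onKernelRequest, priority: 9 }

namespace AppBundle\EventListener;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;

class CrossFirewallLoginGuard
{
    // login path prefix => [session key of the OTHER firewall, redirect target]
    // The redirect targets are assumed; use the real landing pages.
    private $rules = array(
        '/user/login'  => array('_security_admin_secured_domain', '/admin'),
        '/admin/login' => array('_security_user_secured_domain', '/user'),
    );

    public function onKernelRequest(GetResponseEvent $event)
    {
        if (!$event->isMasterRequest()) {
            return; // ignore sub-requests (ESI, embedded controllers)
        }
        $request = $event->getRequest();
        if (!$request->hasPreviousSession()) {
            return; // no session cookie, so nobody is logged in anywhere
        }
        $session = $request->getSession();
        $path = $request->getPathInfo();

        foreach ($this->rules as $prefix => $rule) {
            list($otherFirewallKey, $target) = $rule;
            // The key holds the serialized token of an authenticated
            // (non-anonymous) user of the other firewall.
            if (0 === strpos($path, $prefix) && $session->has($otherFirewallKey)) {
                $event->setResponse(new RedirectResponse($target));
                return;
            }
        }
    }
}
```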