Symfony - 404 always redirects to login page instead of displaying custom 404 page

1
votes

I've come across a rather odd problem.

My whole application is by default secured (in the apps/frontend/config/security.yml file)

In my settings, I have (removed csrf token, check_lock etc. as it's not relevant):

all:
  .settings:
    error_404_module: user
    error_404_action: 404
    use_security: on
    login_module: user
    login_action: login

In the user module's security.yml file I have:

404Success:
  is_secure: false

In development, if I go to an invalid url, i'll get the standard symfony debug page saying:

404 | Not Found | sfError404Exception
Empty module and/or action after parsing the URL

"/blahblahfhfjhjdhdshdus" (/).

However, in production, I will be presented with the login page for every invalid URL.

I just want to display my custom 404 error page.

I've looked into the PHP error logs, this is what i'm presented with:

> [Tue Jun 14 17:10:54 2011] [error]
> [client 129.42.32.32] Empty module
> and/or action after parsing the URL
> "//blahblahfhfjhjdhdshdus" (/). [Tue
> Jun 14 17:10:54 2011] [error] [client
> 129.42.32.32] PHP Fatal error:  Uncaught exception 'sfStopException'
> in
> /srv/www/foo.bar/lib/vendor/symfony/1.4/lib/filter/sfBasicSecurityFilter.class.php:96\nStack
> trace:\n#0
> /srv/www/foo.bar/lib/vendor/symfony/1.4/lib/filter/sfBasicSecurityFilter.class.php(55):
> sfBasicSecurityFilter->forwardToLoginAction()\n#1
> /srv/www/foo.bar/cache/frontend/prod/config/config_core_compile.yml.php(1026):
> sfBasicSecurityFilter->execute(Object(sfFilterChain))\n#2
> /srv/www/foo.bar/cache/frontend/prod/config/config_core_compile.yml.php(990):
> sfFilterChain->execute()\n#3
> /srv/www/foo.bar/cache/frontend/prod/config/config_core_compile.yml.php(1026):
> sfRenderingFilter->execute(Object(sfFilterChain))\n#4
> /srv/www/foo.bar/cache/frontend/prod/config/config_core_compile.yml.php(660):
> sfFilterChain->execute()\n#5
> /srv/www/foo.bar/lib/vendor/symfony/1.4/lib/exception/sfError404Exception.class.php(49):
> sfController->forward('user', 404)\n#6
> /srv/www/foo.bar/c in
> /srv/www/foo.bar/lib/vendor/symfony/1.4/lib/filter/sfBasicSecurityFilter.class.php
> on line 96

As you can the security filter is intercepting (bad choice of word) the 404 action, even though i'v over-ridden the global security.yml for that action.

Any ideas?

Thanks!

3
symfony1symfony-1.4

3 Answers

5
votes

The problem is that the action is 404, not 404Success. Try

404:
  is_secure: false

The success is the default returned view by symfony.

1
votes

When using the default symfony 404 - this worked for me (The errors stopped showing up in the apache error log)

  1. Create folder "apps/frontend/modules/default/config"
  2. Create "settings.yml"

  3. Add the following lines:

    error404:
  is_secure: false
0
votes

Found the solution:

A bit odd, but it worked.

In my user security.yml, I had to change from this:

404Success:
  is_secure: false

to this:

all:
  is_secure: false

It's not really a problem as I only have the login and 404 actions in the user module....but I'm surprised I had to turn off security on the whole module and not just turn off the security on the 404 action. Not quite sure why it was ignoring '404Success'. Strange....