How to redirect an unauthorized user to the 403 page

1.3k views Asked by At

I am using ZendFramework2 with zfc-user and ZfcRbac for authorization and access control. I have setup everything to work with database managed role. Now when a user navigate to an un-authorized page, I am getting the error page You are not authorized to access this resource which is thrown by ZfcRbac

Actually I have configured in my zfc-rbac.global.php to redirect to the 403 page. my settings are below.

ZfcRbac\Exception\UnauthorizedException

--

'unauthorized_strategy' => [
     'template' => 'error/403'
],

How do I send the user to 403 page?

EDIT

The right answer is to attach the UnauthorizedStrategy in the onBootstrap

$t = $e->getTarget();
$t->getEventManager()->attach(
    $t->getServiceManager()->get('\ZfcRbac\View\Strategy\UnauthorizedStrategy')
);
1

There are 1 answers

2
Sam On BEST ANSWER

ZfcRbac per default doesn't do anything but throw the exception. The power of ZfcRbac then lies within it's many, many customizable features. The one you should be looking at is found under the Documentation-Section "Strategies".

In short

  • register the redirection strategy on your Modules onBootstrap
  • if required, change the redirection strategies configuration