这是我的app / config / security.yml

security:
encoders:
    Symfony\Component\Security\Core\User\User: plaintext

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER,ROLE_ADMIN,ROLE_ALLOWED_TO_SWITCH]

providers:
    in_memory:
        memory:
            users:
                user0:  { password: user0,roles: [ 'ROLE_ADMIN' ] }
                user1:  { password: user1,roles: [ 'ROLE_SUPER_ADMIN' ] }

firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    login:
        pattern:  ^/demo/secured/login$
        security: false

    secured_area:
        pattern: ^/
        logout: ~
        anonymous: ~
        http_basic:
            realm: "Secured Area"

access_control:
    - { path: ^/question/*,roles: ROLE_ADMIN }
    - { path: ^/questiongroup/*,roles: ROLE_ADMIN }
    - { path: ^/answer/*,roles: ROLE_ADMIN }
    - { path: ^/newslettertemplate/*,roles: ROLE_ADMIN }
    - { path: ^/customer/*,roles: ROLE_SUPER_ADMIN }
    - { path: ^/statistics/*,roles: ROLE_SUPER_ADMIN }

我已经在route.yml中创建了logout条目,如symfony安全文档中所述：

logout:
    path:   /logout

当我创建一个指向“注销”的链接时,我会被重定向到“/”,这是可以的.但是用户仍然经过身份验证,意味着实际的注销无效.