CHANGELOG
=========

3.3.0
-----

 * Deprecated instantiating `UserPasswordEncoderCommand` without its constructor
   arguments fully provided.
 * Deprecated `UserPasswordEncoderCommand::getContainer()` and relying on the
   `ContainerAwareInterface` interface for this command.
 * Deprecated the `FirewallMap::$map` and `$container` properties.
 * [BC BREAK] Keys of the `users` node for `in_memory` user provider are no longer normalized.
 * deprecated `FirewallContext::getListeners()`

3.2.0
-----

 * Added the `SecurityUserValueResolver` to inject the security users in actions via
   `Symfony\Component\Security\Core\User\UserInterface` in the method signature.

3.0.0
-----

 * Removed the `security.context` service.

2.8.0
-----

 * deprecated the `key` setting of `anonymous`, `remember_me` and `http_digest`
   in favor of the `secret` setting.
 * deprecated the `intention` firewall listener setting in favor of the `csrf_token_id`.

2.6.0
-----

 * Added the possibility to override the default success/failure handler
   to get the provider key and the options injected
 * Deprecated the `security.context` service for the `security.token_storage` and
   `security.authorization_checker` services.

2.4.0
-----

 * Added 'host' option to firewall configuration
 * Added 'csrf_token_generator' and 'csrf_token_id' options to firewall logout
   listener configuration to supersede/alias 'csrf_provider' and 'intention'
   respectively
 * Moved 'security.secure_random' service configuration to FrameworkBundle

2.3.0
-----

 * allowed for multiple IP addresses in security access_control rules

2.2.0
-----

 * Added PBKDF2 Password encoder
 * Added BCrypt password encoder

2.1.0
-----

 * [BC BREAK] The custom factories for the firewall configuration are now
   registered during the build method of bundles instead of being registered
   by the end-user (you need to remove the 'factories' keys in your security
   configuration).
 * [BC BREAK] The Firewall listener is now registered after the Router one. This
   means that specific Firewall URLs (like /login_check and /logout) must now
   have a proper route defined in your routing configuration.
 * [BC BREAK] refactored the user provider configuration. The configuration
   changed for the chain provider and the memory provider:

    Before:

    ``` yaml
    security:
        providers:
            my_chain_provider:
                providers: [my_memory_provider, my_doctrine_provider]
            my_memory_provider:
                users:
                    toto: { password: foobar, roles: [ROLE_USER] }
                    foo: { password: bar, roles: [ROLE_USER, ROLE_ADMIN] }
    ```

    After:

    ``` yaml
    security:
        providers:
            my_chain_provider:
                chain:
                    providers: [my_memory_provider, my_doctrine_provider]
            my_memory_provider:
                memory:
                    users:
                        toto: { password: foobar, roles: [ROLE_USER] }
                        foo: { password: bar, roles: [ROLE_USER, ROLE_ADMIN] }
    ```
 * [BC BREAK] Method `equals` was moved from `UserInterface` to its own new
   `EquatableInterface`. The user class can now implement this interface to override
   the default implementation of the user equality test.
 * added a validator for the user password
 * added 'erase_credentials' as a configuration key (true by default)
 * added new events: `security.authentication.success` and `security.authentication.failure`,
   fired on authentication success/failure, regardless of authentication method;
   the events are defined in the new event class: `Symfony\Component\Security\Core\AuthenticationEvents`.
 * Added optional CSRF protection to LogoutListener:

    ``` yaml
    security:
        firewalls:
            default:
                logout:
                    path: /logout_path
                    target: /
                    csrf_parameter: _csrf_token # Optional (defaults to "_csrf_token")
                    csrf_provider: security.csrf.token_generator # Required to enable protection
                    intention: logout # Optional (defaults to "logout")
    ```

    If the LogoutListener has CSRF protection enabled but cannot validate a token,
    then a LogoutException will be thrown.
 * Added `logout_url` templating helper and Twig extension, which may be used to
   generate logout URLs within templates. The security firewall's config key
   must be specified. If a firewall's logout listener has CSRF protection
   enabled, a token will be automatically added to the generated URL.
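
A sketch of the `EquatableInterface` override mentioned in the 2.1.0 notes, as an added example that is not part of the Symfony changelog or code base: the hypothetical `AppUser` class treats a changed password hash or role set as a different user. It assumes the Symfony 2.x/3.x method signatures and that the security layer uses `isEqualTo()` to decide whether a previously authenticated user is still the same one.

```php
<?php

use Symfony\Component\Security\Core\User\EquatableInterface;
use Symfony\Component\Security\Core\User\UserInterface;

// Hypothetical application user class (added example, not Symfony code).
final class AppUser implements UserInterface, EquatableInterface
{
    private $username;
    private $passwordHash;
    private $roles;

    public function __construct($username, $passwordHash, array $roles)
    {
        $this->username = $username;
        $this->passwordHash = $passwordHash;
        $this->roles = array_values(array_unique($roles));
    }

    public function getUsername() { return $this->username; }
    public function getPassword() { return $this->passwordHash; }
    public function getSalt() { return null; } // assumes an encoder that embeds its salt, e.g. BCrypt
    public function getRoles() { return $this->roles; }
    public function eraseCredentials() {} // only the hash is held, nothing to wipe

    /**
     * Custom equality test: the other instance counts as the same user only if
     * class, username, password hash and role set all match.
     */
    public function isEqualTo(UserInterface $user)
    {
        if (!$user instanceof self) {
            return false; // a different user class is never the same user
        }
        if ($this->username !== $user->getUsername()
            || $this->passwordHash !== $user->getPassword()) {
            return false; // renamed account or changed password
        }
        // Compare roles as sets so that ordering differences are not a change.
        $mine = $this->roles;
        $theirs = $user->getRoles();
        sort($mine);
        sort($theirs);

        return $mine === $theirs;
    }
}
```

Including the password hash and roles in the comparison means a password reset or a role change is seen as a user change on sessions that were established before it.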