2012-04-26 21:30:56 +01:00
CHANGELOG
=========
2017-05-04 08:35:02 +01:00
3.4.0
-----
* Using voters that do not implement the `VoterInterface` is now deprecated in
the `AccessDecisionManager` and this functionality will be removed in 4.0.
2017-03-01 15:05:29 +00:00
3.3.0
-----
2017-04-04 20:45:53 +01:00
* deprecated `AccessDecisionManager::setVoters()` in favor of passing the
voters to the constructor.
2017-04-13 18:48:35 +01:00
* [EXPERIMENTAL] added a `json_login` listener for stateless authentication
2017-03-01 15:05:29 +00:00
2016-04-28 10:12:15 +01:00
3.2.0
-----
2016-09-19 12:01:06 +01:00
* added `$attributes` and `$subject` with getters/setters to `Symfony\Component\Security\Core\Exception\AccessDeniedException`
2016-04-28 10:12:15 +01:00
2015-09-03 20:29:24 +01:00
3.0.0
-----
2015-09-21 08:10:39 +01:00
* removed all deprecated code
2015-09-03 20:29:24 +01:00
2015-06-29 12:59:59 +01:00
2.8.0
-----
2015-11-07 17:29:53 +00:00
* deprecated `getKey()` of the `AnonymousToken` , `RememberMeToken` ,
`AbstractRememberMeServices` and `DigestAuthenticationEntryPoint` classes in favor of `getSecret()` .
2015-06-28 13:36:46 +01:00
* deprecated `Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface` , use
`Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface` instead
* deprecated `Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface` , use
`Symfony\Component\Security\Http\Authentication\SimpleFormAuthenticatorInterface` instead
2015-08-25 11:07:24 +01:00
* deprecated `Symfony\Component\Security\Core\Util\ClassUtils` , use
`Symfony\Component\Security\Acl\Util\ClassUtils` instead
2015-09-23 21:36:53 +01:00
* deprecated the `Symfony\Component\Security\Core\Util\SecureRandom` class in favor of the `random_bytes()` function
2015-06-30 13:43:35 +01:00
* deprecated `supportsAttribute()` and `supportsClass()` methods of
`Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface` and
`Symfony\Component\Security\Core\Authorization\Voter\VoterInterface` .
* deprecated `getSupportedAttributes()` and `getSupportedClasses()` methods of
`Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter` , use `supports()` instead.
2015-11-28 11:32:42 +00:00
* deprecated the `intention` option for all the authentication listeners,
use the `csrf_token_id` option instead.
2015-06-29 12:59:59 +01:00
2014-11-12 22:47:12 +00:00
2.7.0
-----
2015-01-21 00:16:45 +00:00
* added LogoutUrlGenerator
* added the triggering of the `Symfony\Component\Security\Http\SecurityEvents::INTERACTIVE_LOGIN` in `Symfony\Component\Security\Http\Firewall\SimplePreAuthenticationListener`
2015-03-20 22:18:31 +00:00
* The MaskBuilder logic has been abstracted in the `Symfony\Component\Security\Acl\Permission\AbstractMaskBuilder`
and described in the `Symfony\Component\Security\Acl\Permission\MaskBuilderInterface`
2015-03-20 22:35:10 +00:00
* added interface `Symfony\Component\Security\Acl\Permission\MaskBuilderRetrievalInterface`
2014-11-12 22:47:12 +00:00
2014-07-05 15:07:05 +01:00
2.6.0
-----
* added Symfony\Component\Security\Http\Authentication\AuthenticationUtils
2014-09-24 08:31:12 +01:00
* Deprecated the `SecurityContext` class in favor of the `AuthorizationChecker` and `TokenStorage` classes
2014-07-05 15:07:05 +01:00
2013-06-13 09:16:06 +01:00
2.4.0
-----
2015-06-14 17:58:29 +01:00
* Translations in the `src/Symfony/Component/Security/Resources/translations/` directory are deprecated, ones in `src/Symfony/Component/Security/Core/Resources/translations/` must be used instead.
2013-08-30 14:09:09 +01:00
* The switch user listener now preserves the query string when switching a user
2013-07-21 20:36:38 +01:00
* The remember-me cookie hashes now use HMAC, which means that current cookies will be invalidated
2013-06-13 09:16:06 +01:00
* added simpler customization options
2013-09-27 08:23:44 +01:00
* structured component into three sub-components Acl, Core and Http
* added Csrf sub-component
* changed Http sub-component to depend on Csrf sub-component instead of the Form component
2013-06-13 09:16:06 +01:00
2013-03-23 13:30:20 +00:00
2.3.0
-----
2013-04-26 10:39:57 +01:00
* [BC BREAK] the BCrypt encoder constructor signature has changed (the first argument was removed)
To use the BCrypt encoder, you now need PHP 5.5 or "ircmaxell/password-compat" as a composer dependency
2013-02-04 09:27:49 +00:00
* [BC BREAK] return 401 instead of 500 when using use_forward during for form authentication
2013-03-23 13:30:20 +00:00
* added a `require_previous_session` option to `AbstractAuthenticationListener`
2012-06-26 11:12:42 +01:00
2.2.0
-----
2012-11-08 08:10:50 +00:00
* `Symfony\Component\Security\Http\Firewall` and
`Symfony\Component\Security\Http\RememberMe\ResponseListener` now
implements EventSubscriberInterface
2012-10-27 08:05:47 +01:00
* added secure random number generator
* added PBKDF2 Password encoder
2012-12-01 18:23:38 +00:00
* added BCrypt password encoder
2012-06-26 11:12:42 +01:00
2012-04-26 21:30:56 +01:00
2.1.0
-----
2012-07-02 18:29:27 +01:00
* [BC BREAK] The signature of ExceptionListener has changed
2012-06-26 10:17:51 +01:00
* changed the HttpUtils constructor signature to take a UrlGenerator and a UrlMatcher instead of a Router
2012-06-18 07:12:50 +01:00
* EncoderFactoryInterface::getEncoder() can now also take a class name as an argument
2012-04-26 21:30:56 +01:00
* allow switching to the user that is already impersonated
* added support for the remember_me parameter in the query
* added AccessMapInterface
* [BC BREAK] moved user comparison logic out of UserInterface
* made the logout path check configurable
* after login, the user is now redirected to `default_target_path` if
`use_referer` is true and the referrer is the `login_path` .
* added a way to remove a token from a session
* [BC BREAK] changed `MutableAclInterface::setParentAcl` to accept `null` ,
review your implementation to reflect this change.
* `ObjectIdentity::fromDomainObject` , `UserSecurityIdentity::fromAccount` and
`UserSecurityIdentity::fromToken` now return correct identities for proxies
objects (e.g. Doctrine proxies)
2012-06-21 08:49:20 +01:00
* [BC BREAK] moved the default authentication success and failure handling to
2012-07-28 23:02:29 +01:00
separate classes. The order of arguments in the constructor of the
2012-06-21 08:49:20 +01:00
`AbstractAuthenticationListener` has changed.
2012-07-28 23:02:29 +01:00
* [BC BREAK] moved the default logout success handling to a separate class. The
2012-07-14 15:07:27 +01:00
order of arguments in the constructor of `LogoutListener` has changed.
2012-07-15 15:00:04 +01:00
* [BC BREAK] The constructor of `AuthenticationException` and all child
2012-07-15 16:26:18 +01:00
classes now matches the constructor of `\Exception` . The extra information
getters and setters are removed. There are now dedicated getters/setters for
2012-07-15 16:38:53 +01:00
token (`AuthenticationException'), user (`AccountStatusException`) and
username (`UsernameNotFoundException`).