diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Security] changed order of checks to check for more specific things first

Browse Source
This commit is contained in:
Johannes Schmitt 2011-07-13 18:36:17 +02:00
parent 4259530856
commit 29e4063825
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
View File

@ -126,19 +126,19 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
return; return;
} }
try {
if (null === $returnValue = $this->attemptAuthentication($request)) {
return;
}
if (!$request->hasSession()) { if (!$request->hasSession()) {
throw new \RuntimeException('This authentication method requires a session.'); throw new \RuntimeException('This authentication method requires a session.');
} }
try {
if (!$request->hasPreviousSession()) { if (!$request->hasPreviousSession()) {
throw new SessionUnavailableException('Your session has timed-out, or you have disabled cookies.'); throw new SessionUnavailableException('Your session has timed-out, or you have disabled cookies.');
} }
if (null === $returnValue = $this->attemptAuthentication($request)) {
return;
}
if ($returnValue instanceof TokenInterface) { if ($returnValue instanceof TokenInterface) {
$this->sessionStrategy->onAuthentication($request, $returnValue); $this->sessionStrategy->onAuthentication($request, $returnValue);