diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[SecurityBundle] made the anonymous key parameter configurable and random by default

Browse Source
This commit is contained in:
Fabien Potencier 2011-03-16 09:21:44 +01:00
parent e0df94cb8b
commit 2cf0601f18
4 changed files with 22 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Symfony/Bundle/SecurityBundle/DependencyInjection/Configuration.php
View File

@ -156,7 +156,9 @@ class Configuration
->prototype('scalar')->end()
->end()
->end()
->booleanNode('anonymous')->defaultFalse()->end()
->arrayNode('anonymous')
->scalarNode('key')->defaultValue(function () { return uniqid(); })->end()
->end()
->arrayNode('switch_user')
->scalarNode('provider')->end()
->scalarNode('parameter')->defaultValue('_switch_user')->end()

19
src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
View File

@ -345,9 +345,22 @@ class SecurityExtension extends Extension
}
// Anonymous
if ($firewall['anonymous']) {
$listeners[] = new Reference('security.authentication.listener.anonymous');
$authenticationProviders[] = 'security.authentication.provider.anonymous';
if (isset($firewall['anonymous'])) {
$listenerId = 'security.authentication.listener.anonymous.'.$id;
$container
->setDefinition($listenerId, new DefinitionDecorator('security.authentication.listener.anonymous'))
->setArgument(1, $firewall['anonymous']['key'])
;
$listeners[] = new Reference($listenerId);
$providerId = 'security.authentication.provider.anonymous.'.$id;
$container
->setDefinition($providerId, new DefinitionDecorator('security.authentication.provider.anonymous'))
->setArgument(0, $firewall['anonymous']['key'])
;
$authenticationProviders[] = $providerId;
$hasListeners = true;
}

5
src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
View File

@ -37,18 +37,17 @@
<parameter key="security.authentication.provider.pre_authenticated.class">Symfony\Component\Security\Core\Authentication\Provider\PreAuthenticatedAuthenticationProvider</parameter>
<parameter key="security.authentication.provider.anonymous.class">Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider</parameter>
<parameter key="security.anonymous.key">SomeRandomValue</parameter>
</parameters>
<services>
<service id="security.authentication.listener.anonymous" class="%security.authentication.listener.anonymous.class%" public="false">
<argument type="service" id="security.context" />
<argument>%security.anonymous.key%</argument>
<argument /> <!-- Key -->
<argument type="service" id="logger" on-invalid="null" />
</service>
<service id="security.authentication.provider.anonymous" class="%security.authentication.provider.anonymous.class%" public="false">
<argument>%security.anonymous.key%</argument>
<argument /> <!-- Key -->
</service>
<service id="security.authentication.retry_entry_point" class="%security.authentication.retry_entry_point.class%" public="false" />

2
src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
View File

@ -83,7 +83,7 @@ abstract class SecurityExtensionTest extends \PHPUnit_Framework_TestCase
'security.authentication.listener.form.secure',
'security.authentication.listener.basic.secure',
'security.authentication.listener.digest.secure',
'security.authentication.listener.anonymous',
'security.authentication.listener.anonymous.secure',
'security.access_listener',
'security.authentication.switchuser_listener.secure',
),