Make the session entry for the target url firewall dependent.
If there are two firewalls (e.g. main and admin), calling a protected admin URL will direct you to the admin login form. If I ignore this and go to the login form of the main firewall directly, I will end up being redirected to the stored admin target URL. This is not what you usually want to happen.
parent
45849ce306
commit
8ffaafa867
@ -551,13 +551,14 @@ class SecurityExtension extends Extension
|
|||||||
{
|
{
|
||||||
$exceptionListenerId = 'security.exception_listener.'.$id;
|
$exceptionListenerId = 'security.exception_listener.'.$id;
|
||||||
$listener = $container->setDefinition($exceptionListenerId, new DefinitionDecorator('security.exception_listener'));
|
$listener = $container->setDefinition($exceptionListenerId, new DefinitionDecorator('security.exception_listener'));
|
||||||
$listener->replaceArgument(3, null === $defaultEntryPoint ? null : new Reference($defaultEntryPoint));
|
$listener->replaceArgument(3, $id);
|
||||||
|
$listener->replaceArgument(4, null === $defaultEntryPoint ? null : new Reference($defaultEntryPoint));
|
||||||
|
|
||||||
// access denied handler setup
|
// access denied handler setup
|
||||||
if (isset($config['access_denied_handler'])) {
|
if (isset($config['access_denied_handler'])) {
|
||||||
$listener->replaceArgument(5, new Reference($config['access_denied_handler']));
|
$listener->replaceArgument(6, new Reference($config['access_denied_handler']));
|
||||||
} elseif (isset($config['access_denied_url'])) {
|
} elseif (isset($config['access_denied_url'])) {
|
||||||
$listener->replaceArgument(4, $config['access_denied_url']);
|
$listener->replaceArgument(5, $config['access_denied_url']);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $exceptionListenerId;
|
return $exceptionListenerId;
|
||||||
|
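Review bot: The `replaceArgument()` positions 3 to 6 are hand-shifted magic numbers, and nothing in this hunk ties them to the `<argument>` order of `security.exception_listener` or to the `ExceptionListener` constructor. Any code outside this commit that overrides this definition's arguments by position will now silently hit the wrong parameter, for example an access-denied URL landing in the entry-point slot. I would add a comment above the first call such as `// 3 = firewall name (namespaces the session target path), 4 = entry point, 5 = access denied URL, 6 = access denied handler`, and label the new empty `<argument />` in the service XML the same way. The method starts before this hunk, so its signature is not visible here.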
@ -158,6 +158,7 @@
|
|||||||
<argument type="service" id="security.context" />
|
<argument type="service" id="security.context" />
|
||||||
<argument type="service" id="security.authentication.trust_resolver" />
|
<argument type="service" id="security.authentication.trust_resolver" />
|
||||||
<argument type="service" id="security.http_utils" />
|
<argument type="service" id="security.http_utils" />
|
||||||
|
<argument />
|
||||||
<argument type="service" id="security.authentication.entry_point" on-invalid="null" />
|
<argument type="service" id="security.authentication.entry_point" on-invalid="null" />
|
||||||
<argument>%security.access.denied_url%</argument>
|
<argument>%security.access.denied_url%</argument>
|
||||||
<argument type="service" id="security.access.denied_handler" on-invalid="null" />
|
<argument type="service" id="security.access.denied_handler" on-invalid="null" />
|
||||||
|
@ -271,8 +271,8 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
|
|||||||
}
|
}
|
||||||
|
|
||||||
$session = $request->getSession();
|
$session = $request->getSession();
|
||||||
if ($targetUrl = $session->get('_security.target_path')) {
|
if ($targetUrl = $session->get('_security.' . $this->providerKey . '.target_path')) {
|
||||||
$session->remove('_security.target_path');
|
$session->remove('_security.' . $this->providerKey . '.target_path');
|
||||||
|
|
||||||
return $targetUrl;
|
return $targetUrl;
|
||||||
}
|
}
|
||||||
|
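Review bot: The session key read here is built from `$this->providerKey`, while the key written in `ExceptionListener` is built from the firewall `$id` injected by `SecurityExtension`, and nothing visible in this hunk guarantees the two strings are equal. If they ever differ, the stored URL is never found and the user falls through to the default target with no error, so the firewall isolation this commit adds fails silently. The concatenation `'_security.' . $key . '.target_path'` is now repeated in three places; a single shared helper or constant would keep reader and writer in step. Application code that still reads or clears the old `_security.target_path` key will also stop working and deserves an upgrade note. The enclosing method begins and ends outside this hunk.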
@ -39,6 +39,7 @@ use Symfony\Component\EventDispatcher\EventDispatcherInterface;
|
|||||||
class ExceptionListener
|
class ExceptionListener
|
||||||
{
|
{
|
||||||
private $context;
|
private $context;
|
||||||
|
private $providerKey;
|
||||||
private $accessDeniedHandler;
|
private $accessDeniedHandler;
|
||||||
private $authenticationEntryPoint;
|
private $authenticationEntryPoint;
|
||||||
private $authenticationTrustResolver;
|
private $authenticationTrustResolver;
|
||||||
@ -46,11 +47,12 @@ class ExceptionListener
|
|||||||
private $logger;
|
private $logger;
|
||||||
private $httpUtils;
|
private $httpUtils;
|
||||||
|
|
||||||
public function __construct(SecurityContextInterface $context, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null)
|
public function __construct(SecurityContextInterface $context, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null)
|
||||||
{
|
{
|
||||||
$this->context = $context;
|
$this->context = $context;
|
||||||
$this->accessDeniedHandler = $accessDeniedHandler;
|
$this->accessDeniedHandler = $accessDeniedHandler;
|
||||||
$this->httpUtils = $httpUtils;
|
$this->httpUtils = $httpUtils;
|
||||||
|
$this->providerKey = $providerKey;
|
||||||
$this->authenticationEntryPoint = $authenticationEntryPoint;
|
$this->authenticationEntryPoint = $authenticationEntryPoint;
|
||||||
$this->authenticationTrustResolver = $trustResolver;
|
$this->authenticationTrustResolver = $trustResolver;
|
||||||
$this->errorPage = $errorPage;
|
$this->errorPage = $errorPage;
|
||||||
@ -180,7 +182,7 @@ class ExceptionListener
|
|||||||
{
|
{
|
||||||
// session isn't required when using http basic authentication mechanism for example
|
// session isn't required when using http basic authentication mechanism for example
|
||||||
if ($request->hasSession()) {
|
if ($request->hasSession()) {
|
||||||
$request->getSession()->set('_security.target_path', $request->getUri());
|
$request->getSession()->set('_security.' . $this->providerKey . '.target_path', $request->getUri());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
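Review bot: The constructor stores `$providerKey` without checking it, and the abstract service definition supplies an empty `<argument />` for that slot. A listener whose argument 3 is never replaced would therefore write to `_security..target_path`, a key shared by every such firewall, which quietly brings back the cross-firewall redirect this commit is meant to remove. I would fail fast at the top of the constructor with `if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); }`. The new required parameter also sits before the optional ones, so direct callers passing the entry point as the fourth positional argument now pass it as the key; the constructor docblock and changelog should say so. The constructor body continues past the end of the hunk.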