Added a small Upgrade note regarding security.context
This commit is contained in:
parent
d209d1c35a
commit
ade1fef3ae
@ -643,3 +643,25 @@ FrameworkBundle
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Security
|
||||||
|
---------------
|
||||||
|
|
||||||
|
* Injection of the `security.context` service has been reduced to a bare minimum. This means
|
||||||
|
that arguments that once hinted `SecurityContext` or `SecurityContextInterface` will have
|
||||||
|
to be updated accordingly to either the `TokenStorageInterface` or `AuthorizationCheckerInterface`.
|
||||||
|
The following classes now require the `security.token_storage` service instead of the `security.context`,
|
||||||
|
please update your extending implementations accordingly.
|
||||||
|
|
||||||
|
* `AbstractAuthenticationListener`
|
||||||
|
* `AnonymousAuthenticationListener`
|
||||||
|
* `ContextListener`
|
||||||
|
* `SimplePreAuthenticationListener`
|
||||||
|
* `X509AuthenticationListener`
|
||||||
|
* `RemoteUserAuthenticationListener`
|
||||||
|
* `BasicAuthenticationListener`
|
||||||
|
* `DigestAuthenticationListener`
|
||||||
|
* `ExceptionListener`
|
||||||
|
* `SwitchUserListener`
|
||||||
|
* `AccessListener`
|
||||||
|
* `RememberMeListener`
|
||||||
|
@ -14,7 +14,6 @@ namespace Symfony\Bundle\FrameworkBundle\Templating;
|
|||||||
use Symfony\Component\DependencyInjection\ContainerInterface;
|
use Symfony\Component\DependencyInjection\ContainerInterface;
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\Session\Session;
|
use Symfony\Component\HttpFoundation\Session\Session;
|
||||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
|
||||||
use Symfony\Component\Security\Core\SecurityContext;
|
use Symfony\Component\Security\Core\SecurityContext;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -101,7 +101,7 @@ class ContextListener implements ListenerInterface
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Writes the SecurityContext to the session.
|
* Writes the security token into the session.
|
||||||
*
|
*
|
||||||
* @param FilterResponseEvent $event A FilterResponseEvent instance
|
* @param FilterResponseEvent $event A FilterResponseEvent instance
|
||||||
*/
|
*/
|
||||||
@ -121,10 +121,6 @@ class ContextListener implements ListenerInterface
|
|||||||
$request = $event->getRequest();
|
$request = $event->getRequest();
|
||||||
$session = $request->getSession();
|
$session = $request->getSession();
|
||||||
|
|
||||||
if (null === $session) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ((null === $token = $this->tokenStorage->getToken()) || ($token instanceof AnonymousToken)) {
|
if ((null === $token = $this->tokenStorage->getToken()) || ($token instanceof AnonymousToken)) {
|
||||||
if ($request->hasPreviousSession()) {
|
if ($request->hasPreviousSession()) {
|
||||||
$session->remove($this->sessionKey);
|
$session->remove($this->sessionKey);
|
||||||
|
@ -36,8 +36,8 @@ interface RememberMeServicesInterface
|
|||||||
const COOKIE_ATTR_NAME = '_security_remember_me_cookie';
|
const COOKIE_ATTR_NAME = '_security_remember_me_cookie';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This method will be called whenever the SecurityContext does not contain
|
* This method will be called whenever the TokenStorage does not contain
|
||||||
* an TokenInterface object and the framework wishes to provide an implementation
|
* a TokenInterface object and the framework wishes to provide an implementation
|
||||||
* with an opportunity to authenticate the request using remember-me capabilities.
|
* with an opportunity to authenticate the request using remember-me capabilities.
|
||||||
*
|
*
|
||||||
* No attempt whatsoever is made to determine whether the browser has requested
|
* No attempt whatsoever is made to determine whether the browser has requested
|
||||||
|
@ -27,7 +27,7 @@ interface SessionAuthenticationStrategyInterface
|
|||||||
/**
|
/**
|
||||||
* This performs any necessary changes to the session.
|
* This performs any necessary changes to the session.
|
||||||
*
|
*
|
||||||
* This method is called before the SecurityContext is populated with a
|
* This method is called before the TokenStorage is populated with a
|
||||||
* Token, and only by classes inheriting from AbstractAuthenticationListener.
|
* Token, and only by classes inheriting from AbstractAuthenticationListener.
|
||||||
*
|
*
|
||||||
* @param Request $request
|
* @param Request $request
|
||||||
|
Reference in New Issue
Block a user