fixes #1659

2011-07-19 20:51:30 +02:00 · 2011-07-19 20:51:30 +02:00 · d0a175b6cd
commit d0a175b6cd
parent f300edebe4
5 changed files with 30 additions and 0 deletions
--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticationCommencingTest.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticationCommencingTest.php
@ -0,0 +1,15 @@
+<?php
+
+namespace Symfony\Bundle\Securitybundle\Tests\Functional;
+
+class AuthenticationCommencingTest extends WebTestCase
+{
+    public function testAuthenticationIsCommencingIfAccessDeniedExceptionIsWrapped()
+    {
+        $client = $this->createClient(array('test_case' => 'StandardFormLogin', 'root_config' => 'config.yml'));
+        $client->insulate();
+
+        $client->request('GET', '/secure-but-not-covered-by-access-control');
+        $this->assertRedirect($client->getResponse(), '/login');
+    }
+}
--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php
@ -11,6 +11,7 @@

 namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FormLoginBundle\Controller;

+use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\SecurityContext;
 use Symfony\Component\DependencyInjection\ContainerAware;
@ -42,4 +43,9 @@ class LoginController extends ContainerAware
    {
        return new Response('', 400);
    }
+
+    public function secureAction()
+    {
+        throw new \Exception('Wrapper', 0, new \Exception('Another Wrapper', 0, new AccessDeniedException()));
+    }
 }
--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Resources/config/routing.yml
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Resources/config/routing.yml
@ -25,3 +25,6 @@ form_login_redirect_to_protected_resource_after_login:
 form_logout:
    pattern: /logout_path

+form_secure_action:
+    pattern: /secure-but-not-covered-by-access-control
+    defaults: { _controller: FormLoginBundle:Login:secure }
--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml
@ -26,5 +26,6 @@ security:

    access_control:
        - { path: ^/unprotected_resource$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/secure-but-not-covered-by-access-control$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/highly_protected_resource$, roles: IS_ADMIN }
        - { path: .*, roles: IS_AUTHENTICATED_FULLY }
--- a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
@ -76,6 +76,11 @@ class ExceptionListener
        $exception = $event->getException();
        $request = $event->getRequest();

+        // determine the actual cause for the exception
+        while (null !== $previous = $exception->getPrevious()) {
+            $exception = $previous;
+        }
+
        if ($exception instanceof AuthenticationException) {
            if (null !== $this->logger) {
                $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage()));