diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticationCommencingTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticationCommencingTest.php
new file mode 100644
index 0000000000..157472fb1e
--- /dev/null
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticationCommencingTest.php
@@ -0,0 +1,15 @@
+createClient(array('test_case' => 'StandardFormLogin', 'root_config' => 'config.yml'));
+ $client->insulate();
+
+ $client->request('GET', '/secure-but-not-covered-by-access-control');
+ $this->assertRedirect($client->getResponse(), '/login');
+ }
+}
\ No newline at end of file
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php
index 2781509dc7..0e48ff2f19 100644
--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php
@@ -11,6 +11,7 @@
 namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FormLoginBundle\Controller;
+use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\SecurityContext;
 use Symfony\Component\DependencyInjection\ContainerAware;
@@ -42,4 +43,9 @@ class LoginController extends ContainerAware
 {
 return new Response('', 400);
 }
+
+ public function secureAction()
+ {
+ throw new \Exception('Wrapper', 0, new \Exception('Another Wrapper', 0, new AccessDeniedException()));
+ }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Resources/config/routing.yml b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Resources/config/routing.yml
index 5fab7f17d1..7660608c08 100644
--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Resources/config/routing.yml
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Resources/config/routing.yml
@@ -25,3 +25,6 @@ form_login_redirect_to_protected_resource_after_login:
 form_logout:
 pattern: /logout_path
+form_secure_action:
+ pattern: /secure-but-not-covered-by-access-control
+ defaults: { _controller: FormLoginBundle:Login:secure }
\ No newline at end of file
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml
index 7c60e3c3e4..f4b21982ac 100644
--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/config.yml
@@ -26,5 +26,6 @@ security:
 access_control:
 - { path: ^/unprotected_resource$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: ^/secure-but-not-covered-by-access-control$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
 - { path: ^/highly_protected_resource$, roles: IS_ADMIN }
 - { path: .*, roles: IS_AUTHENTICATED_FULLY }
diff --git a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
index c75739080f..46ffde83e6 100644
--- a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
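Review bot: The new `access_control` entry in config.yml has no comment explaining why a path named "secure-but-not-covered-by-access-control" is listed at all, and why it is granted `IS_AUTHENTICATED_ANONYMOUSLY`. Without it the catch-all `- { path: .*, roles: IS_AUTHENTICATED_FULLY }` rule would match first, and the functional test would presumably pass without ever reaching the controller that throws the wrapped exception. I would add a line above the entry such as `# anonymous on purpose: the denial must come from the controller's wrapped AccessDeniedException, not from the catch-all rule below`. The `security:` block starts outside the hunk, so check that no earlier rule already matches this path.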
@@ -76,6 +76,11 @@ class ExceptionListener
 $exception = $event->getException();
 $request = $event->getRequest();
+ // determine the actual cause for the exception
+ while (null !== $previous = $exception->getPrevious()) {
+ $exception = $previous;
+ }
+
 if ($exception instanceof AuthenticationException) {
 if (null !== $this->logger) {
 $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage()));
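Review bot: The added `while` loop always walks to the innermost exception, so a security exception that itself carries a cause is skipped: an AuthenticationException built with a lower-level exception as `$previous` is replaced by that cause and no longer matches the `instanceof AuthenticationException` check below, so the entry-point redirect is not triggered. Stop unwrapping at the first security exception instead, e.g. `while (!$exception instanceof AuthenticationException && !$exception instanceof AccessDeniedException && null !== ($previous = $exception->getPrevious())) {`. The AccessDeniedException branch is inferred from the new functional test, and the method body continues outside the hunk, so confirm which types it actually handles. The test added in this commit only covers a security exception at the bottom of the chain; a case where the security exception wraps its own cause would pin the intended behaviour.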