diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,773 Commits 24 Branches 563 Tags 228 MiB
411a382d80
Commit Graph

106 Commits

Author SHA1 Message Date
Johannes Schmitt
70867f06e9 re-added a __toString method for debugging purposes 2011-03-12 13:24:57 +01:00
Klaas Naaijkens
02cb362ae6 use username instead of token object in logging 2011-03-12 13:24:57 +01:00
Johannes Schmitt
97125269d2 [Security] fixed some tests 2011-03-11 12:50:52 +01:00
Johannes Schmitt
d8022e34eb [Security] removed core.security event 2011-03-11 01:43:22 +01:00
Johannes M. Schmitt
3d97638813 [Security] refactored remember-me code 2011-03-11 01:19:55 +01:00
Johannes M. Schmitt
a64cc0e3cc [Security] some more visibility changes 2011-03-10 10:25:33 +01:00
Johannes M. Schmitt
13665fc113 [Security] added some more tests 2011-03-10 10:25:33 +01:00
Johannes M. Schmitt
5127ece259 [Security] fixed some left-overs 2011-03-10 10:25:32 +01:00
Johannes Schmitt
1d5538fc60 [Security] various changes, see below 
- visibility changes from protected to private
- AccountInterface -> UserInterface
- SecurityContext::vote() -> SecurityContext::isGranted()
 2011-03-10 10:25:32 +01:00
Fabien Potencier
8c423edfef replaced symfony-project.org by symfony.com 2011-03-06 12:40:06 +01:00
Johannes Schmitt
b67a1dd677 [Security] forward the entire access denied exception instead of only the message 2011-03-05 14:30:08 +01:00
Johannes Schmitt
63dbcea8ee Merge branch 'lewinski-fix-acl-schema-generator' into security 2011-03-05 14:13:53 +01:00
Johannes Schmitt
0eb4f49061 Merge branch 'fix-acl-schema-generator' of https://github.com/lewinski/symfony into lewinski-fix-acl-schema-generator 2011-03-05 13:54:10 +01:00
Johannes Schmitt
4c7aa343d3 Merge branch 'opensky-hotfix/remember-me-token-fix' into security 2011-03-05 13:51:52 +01:00
Johannes Schmitt
e03958f5b0 Merge branch 'cyqui-TICKET_9557' into security 2011-03-05 13:50:14 +01:00
Johannes Schmitt
f82b89cdc5 [Security] changed defaults for MessageDigestEncoder 
- encode_as_base64 set to true
- iterations increased to 5000 from 1
 2011-03-05 13:45:35 +01:00
Cyril Quintin
310a6c99a2 TICKET #9557: session isn't required when using http basic authentification mecanism for example 2011-03-05 13:33:56 +01:00
Johannes Schmitt
f010742e45 [Security] improved entropy to make collision attacks harder 2011-03-05 13:30:27 +01:00
Bulat Shakirzyanov
dbde41c082 [Security] added the 'key' attribute of RememberMeToken to serialized string to be stored in session 2011-03-04 13:26:08 -05:00
Pascal Borreli
843d5a8399 [Security] Fixed Typo 2011-03-01 18:58:08 +01:00
Matthew Lewinski
cde5f528c2 Fix the Acl schema generator script. 
Change 3e818846 in doctrine/dbal introduced a number of new classes in
the Doctrine\DBAL\Platforms\Keywords namespace, so we need to be more
careful here when generating Acl schema, so as to only load Platform
classes and not any others in the same directory.
 2011-02-27 16:56:47 -06:00
Fabien Potencier
c99a44b1e8 Merge remote branch 'schmittjoh/security' 
* schmittjoh/security:
  [Security] added method to retrieve the configured remember-me parameter
  [Security] Copy token attributes when auth providers create a new token from another
 2011-02-27 22:20:44 +01:00
Fabien Potencier
cdf6851eb3 fixed merge 2011-02-27 21:16:13 +01:00
Fabien Potencier
49f84f1997 Merge remote branch 'lsmith77/code_analyzer_2011_02_27' 
* lsmith77/code_analyzer_2011_02_27:
  corrected NonceExpiredException namespace
  issues found by static code analysis
 2011-02-27 21:12:31 +01:00
Christophe Coevoet
92bfbf575c Fixed CS 2011-02-27 20:56:29 +01:00
Lukas Kahwe Smith
2bf30f8bb7 corrected NonceExpiredException namespace 2011-02-27 19:46:40 +01:00
Lukas Kahwe Smith
4b3c49550f issues found by static code analysis 2011-02-27 19:34:02 +01:00
Pascal Borreli
787812d968 [Security] Removed useless else 2011-02-27 18:36:38 +01:00
Johannes Schmitt
97ee92e7b0 Merge branch 'CopyTokenAttributesInProviders' of https://github.com/opensky/symfony into opensky-CopyTokenAttributesInProviders 2011-02-26 21:47:57 +01:00
Johannes Schmitt
621a79f1f2 [Security] added method to retrieve the configured remember-me parameter 2011-02-26 21:44:40 +01:00
Pascal Borreli
2fbb8e07f8 [Security] Fixed typo 2011-02-26 20:02:06 +01:00
Jeremy Mikola
5113886f34 [Security] Copy token attributes when auth providers create a new token from another 
PreAuthenticatedAuthenticationProvider and UserAuthenticationProvider tend to copy a token instead of modifying it during their authenticate() methods, which is probably a good idea if the token might be immutable. Ensure that the token's attributes get copied along with everything else.
 2011-02-23 16:03:01 -05:00
Fabien Potencier
f54cedfe5e added LICENSE files for the subtree repositories 2011-02-22 18:58:15 +01:00
Fabien Potencier
353177d1d6 replaced Response::createRedirect by a new RedirectResponse class 2011-02-21 18:10:53 +01:00
Fabien Potencier
d94acd85f9 remove response as a service 
The Response is not available in the DIC anymore.

When you need to create a response, create an instance of
Symfony\Component\HttpFoundation\Response instead.

As a side effect, the Controller::createResponse() and Controller::redirect()
methods have been removed and can easily be replaced as follows:

  return $this->createResponse('content', 200, array('foo' => 'bar'));
  return new Response('content', 200, array('foo' => 'bar'));

  return $this->redirect($url);
  return Response::createRedirect($url);
 2011-02-21 17:36:04 +01:00
Johannes M. Schmitt
53f3ff8258 [Security] adds a chain user provider 2011-02-16 23:00:27 +01:00
Johannes Schmitt
82c6844147 [Security] moved Security classes out of DoctrineBundle, cleaned-up SecurityExtension accordingly 
Note that this commit removes the built-in support for MongoDB user providers.
This code can be moved back in once there is a stable release for MongoDB, but
for now you have to set-up that user provider just like you would set-up any
custom user provider:

    security:
         providers:
             document_provider:
                 id: my.mongo.provider
 2011-02-16 23:00:27 +01:00
Johannes Schmitt
dfd921822a [Security/Http] Adds CSRF protection to the form-login 2011-02-16 23:00:27 +01:00
Johannes M. Schmitt
d22743cf3a [Security] removed defaults from boolean columns 2011-02-16 23:00:27 +01:00
Victor Berchet
1d7f8120e0 Update code with latest Finder changes 2011-02-16 22:53:11 +01:00
Jeremy Mikola
cc4eb6b40f [Security] Add providerKey to PreAuthenticatedToken tokens constructed by PreAuthenticatedAuthenticationProvider 2011-02-15 21:55:24 +01:00
Jeremy Mikola
b8d574087f [Security] Allow authentication tokens to hold attributes 2011-02-15 21:50:02 +01:00
Johannes M. Schmitt
bc05bef2b9 [Security] fixes a bug in DigestAuthenticationListener 2011-02-14 20:55:07 +01:00
Johannes M. Schmitt
44b89e5ac3 [Security] fixes a bug when clearing cookies on logout 2011-02-14 20:55:07 +01:00
Johannes Schmitt
b685b3ab4d [Security] adds logout success handler 2011-02-14 20:55:07 +01:00
Johannes Schmitt
9e6fc0a11e [Security] fixes a bug where authentication errors might have leaked confidential information 2011-02-14 20:55:06 +01:00
Johannes Schmitt
5c7fe8f866 [Security] simplified encoder factory implementation 2011-02-14 20:55:06 +01:00
Johannes M. Schmitt
b9f4eab5c2 [Security/Acl] added pre-generated schemas 2011-02-14 20:55:06 +01:00
Deni
657f90a931 [Security] Fixed missed argument in call custom handler when authentication is successful. 2011-02-13 22:27:28 +01:00
dordille
205621dee8 Changed namepace use of SecurityContext to SecurityContextInterface so that constant SecurityContextInterface::LAST_USERNAME would resolve properly 
Also changed method signature of __construct to take and instance of SecurityContextInterface instead of SecurityContext
 2011-02-13 10:36:15 +01:00