Johannes Schmitt
70867f06e9
re-added a __toString method for debugging purposes
2011-03-12 13:24:57 +01:00
Klaas Naaijkens
02cb362ae6
use username instead of token object in logging
2011-03-12 13:24:57 +01:00
Johannes Schmitt
97125269d2
[Security] fixed some tests
2011-03-11 12:50:52 +01:00
Johannes Schmitt
d8022e34eb
[Security] removed core.security event
2011-03-11 01:43:22 +01:00
Johannes M. Schmitt
3d97638813
[Security] refactored remember-me code
2011-03-11 01:19:55 +01:00
Johannes M. Schmitt
a64cc0e3cc
[Security] some more visibility changes
2011-03-10 10:25:33 +01:00
Johannes M. Schmitt
13665fc113
[Security] added some more tests
2011-03-10 10:25:33 +01:00
Johannes M. Schmitt
5127ece259
[Security] fixed some left-overs
2011-03-10 10:25:32 +01:00
Johannes Schmitt
1d5538fc60
[Security] various changes, see below
...
- visibility changes from protected to private
- AccountInterface -> UserInterface
- SecurityContext::vote() -> SecurityContext::isGranted()
2011-03-10 10:25:32 +01:00
Fabien Potencier
8c423edfef
replaced symfony-project.org by symfony.com
2011-03-06 12:40:06 +01:00
Johannes Schmitt
b67a1dd677
[Security] forward the entire access denied exception instead of only the message
2011-03-05 14:30:08 +01:00
Johannes Schmitt
63dbcea8ee
Merge branch 'lewinski-fix-acl-schema-generator' into security
2011-03-05 14:13:53 +01:00
Johannes Schmitt
0eb4f49061
Merge branch 'fix-acl-schema-generator' of https://github.com/lewinski/symfony into lewinski-fix-acl-schema-generator
2011-03-05 13:54:10 +01:00
Johannes Schmitt
4c7aa343d3
Merge branch 'opensky-hotfix/remember-me-token-fix' into security
2011-03-05 13:51:52 +01:00
Johannes Schmitt
e03958f5b0
Merge branch 'cyqui-TICKET_9557' into security
2011-03-05 13:50:14 +01:00
Johannes Schmitt
f82b89cdc5
[Security] changed defaults for MessageDigestEncoder
...
- encode_as_base64 set to true
- iterations increased to 5000 from 1
2011-03-05 13:45:35 +01:00
Cyril Quintin
310a6c99a2
TICKET #9557 : session isn't required when using http basic authentification mecanism for example
2011-03-05 13:33:56 +01:00
Johannes Schmitt
f010742e45
[Security] improved entropy to make collision attacks harder
2011-03-05 13:30:27 +01:00
Bulat Shakirzyanov
dbde41c082
[Security] added the 'key' attribute of RememberMeToken to serialized string to be stored in session
2011-03-04 13:26:08 -05:00
Pascal Borreli
843d5a8399
[Security] Fixed Typo
2011-03-01 18:58:08 +01:00
Matthew Lewinski
cde5f528c2
Fix the Acl schema generator script.
...
Change 3e818846 in doctrine/dbal introduced a number of new classes in
the Doctrine\DBAL\Platforms\Keywords namespace, so we need to be more
careful here when generating Acl schema, so as to only load Platform
classes and not any others in the same directory.
2011-02-27 16:56:47 -06:00
Fabien Potencier
c99a44b1e8
Merge remote branch 'schmittjoh/security'
...
* schmittjoh/security:
[Security] added method to retrieve the configured remember-me parameter
[Security] Copy token attributes when auth providers create a new token from another
2011-02-27 22:20:44 +01:00
Fabien Potencier
cdf6851eb3
fixed merge
2011-02-27 21:16:13 +01:00
Fabien Potencier
49f84f1997
Merge remote branch 'lsmith77/code_analyzer_2011_02_27'
...
* lsmith77/code_analyzer_2011_02_27:
corrected NonceExpiredException namespace
issues found by static code analysis
2011-02-27 21:12:31 +01:00
Christophe Coevoet
92bfbf575c
Fixed CS
2011-02-27 20:56:29 +01:00
Lukas Kahwe Smith
2bf30f8bb7
corrected NonceExpiredException namespace
2011-02-27 19:46:40 +01:00
Lukas Kahwe Smith
4b3c49550f
issues found by static code analysis
2011-02-27 19:34:02 +01:00
Pascal Borreli
787812d968
[Security] Removed useless else
2011-02-27 18:36:38 +01:00
Johannes Schmitt
97ee92e7b0
Merge branch 'CopyTokenAttributesInProviders' of https://github.com/opensky/symfony into opensky-CopyTokenAttributesInProviders
2011-02-26 21:47:57 +01:00
Johannes Schmitt
621a79f1f2
[Security] added method to retrieve the configured remember-me parameter
2011-02-26 21:44:40 +01:00
Pascal Borreli
2fbb8e07f8
[Security] Fixed typo
2011-02-26 20:02:06 +01:00
Jeremy Mikola
5113886f34
[Security] Copy token attributes when auth providers create a new token from another
...
PreAuthenticatedAuthenticationProvider and UserAuthenticationProvider tend to copy a token instead of modifying it during their authenticate() methods, which is probably a good idea if the token might be immutable. Ensure that the token's attributes get copied along with everything else.
2011-02-23 16:03:01 -05:00
Fabien Potencier
f54cedfe5e
added LICENSE files for the subtree repositories
2011-02-22 18:58:15 +01:00
Fabien Potencier
353177d1d6
replaced Response::createRedirect by a new RedirectResponse class
2011-02-21 18:10:53 +01:00
Fabien Potencier
d94acd85f9
remove response as a service
...
The Response is not available in the DIC anymore.
When you need to create a response, create an instance of
Symfony\Component\HttpFoundation\Response instead.
As a side effect, the Controller::createResponse() and Controller::redirect()
methods have been removed and can easily be replaced as follows:
return $this->createResponse('content', 200, array('foo' => 'bar'));
return new Response('content', 200, array('foo' => 'bar'));
return $this->redirect($url);
return Response::createRedirect($url);
2011-02-21 17:36:04 +01:00
Johannes M. Schmitt
53f3ff8258
[Security] adds a chain user provider
2011-02-16 23:00:27 +01:00
Johannes Schmitt
82c6844147
[Security] moved Security classes out of DoctrineBundle, cleaned-up SecurityExtension accordingly
...
Note that this commit removes the built-in support for MongoDB user providers.
This code can be moved back in once there is a stable release for MongoDB, but
for now you have to set-up that user provider just like you would set-up any
custom user provider:
security:
providers:
document_provider:
id: my.mongo.provider
2011-02-16 23:00:27 +01:00
Johannes Schmitt
dfd921822a
[Security/Http] Adds CSRF protection to the form-login
2011-02-16 23:00:27 +01:00
Johannes M. Schmitt
d22743cf3a
[Security] removed defaults from boolean columns
2011-02-16 23:00:27 +01:00
Victor Berchet
1d7f8120e0
Update code with latest Finder changes
2011-02-16 22:53:11 +01:00
Jeremy Mikola
cc4eb6b40f
[Security] Add providerKey to PreAuthenticatedToken tokens constructed by PreAuthenticatedAuthenticationProvider
2011-02-15 21:55:24 +01:00
Jeremy Mikola
b8d574087f
[Security] Allow authentication tokens to hold attributes
2011-02-15 21:50:02 +01:00
Johannes M. Schmitt
bc05bef2b9
[Security] fixes a bug in DigestAuthenticationListener
2011-02-14 20:55:07 +01:00
Johannes M. Schmitt
44b89e5ac3
[Security] fixes a bug when clearing cookies on logout
2011-02-14 20:55:07 +01:00
Johannes Schmitt
b685b3ab4d
[Security] adds logout success handler
2011-02-14 20:55:07 +01:00
Johannes Schmitt
9e6fc0a11e
[Security] fixes a bug where authentication errors might have leaked confidential information
2011-02-14 20:55:06 +01:00
Johannes Schmitt
5c7fe8f866
[Security] simplified encoder factory implementation
2011-02-14 20:55:06 +01:00
Johannes M. Schmitt
b9f4eab5c2
[Security/Acl] added pre-generated schemas
2011-02-14 20:55:06 +01:00
Deni
657f90a931
[Security] Fixed missed argument in call custom handler when authentication is successful.
2011-02-13 22:27:28 +01:00
dordille
205621dee8
Changed namepace use of SecurityContext to SecurityContextInterface so that constant SecurityContextInterface::LAST_USERNAME would resolve properly
...
Also changed method signature of __construct to take and instance of SecurityContextInterface instead of SecurityContext
2011-02-13 10:36:15 +01:00