Kris Wallsmith
c51fc105f4
avoid fatal error on invalid session
2012-08-07 14:21:04 -04:00
Fabien Potencier
5878490b16
removed unused use statements
2011-11-24 07:16:14 +01:00
Fabien Potencier
0462a89562
[Security] fixed HttpUtils::checkRequestPath() to not catch all exceptions ( closes #2637 )
2011-11-14 13:10:32 +01:00
Henrik Westphal
dec1858223
Fixed typo
2011-10-31 09:00:49 +01:00
Fabien Potencier
851eb73778
removed unused use statements
2011-10-29 11:56:30 +02:00
Fabien Potencier
b4028350d2
[HttpFoundation] standardized cookie paths (an empty path is equivalent to /)
2011-09-28 10:49:50 +02:00
Johannes Schmitt
f300edebe4
fixes several bugs
2011-07-19 16:21:58 +02:00
Johannes Schmitt
b7c4806a5a
[Security] fixes #1329
2011-07-13 18:10:58 +02:00
Francis Besset
f91f4dda13
Added the possibility to set cookies with the same name for different domains and paths for Symfony\Component\HttpFoundation\ResponseHeaderBag
...
ResponseHeaderBag::hasCookie() and ResponseHeaderBag::getCookie() were removed
2011-07-11 23:03:26 +02:00
Fabien Potencier
2f51bc3ef3
[Security] fixed tests
2011-07-11 08:28:02 +02:00
Fabien Potencier
4f8a98033a
[Security] removed a hack
2011-07-05 11:00:08 +02:00
Fabien Potencier
cc03b73253
merged branch Herzult/testSecurity (PR #1447 )
...
Commits
-------
164aea4
[Security] Add tests for the channel listener
d51cbc0
[Security] Remove useless attribute in basic authentication listener & test it
91e6dc9
[Security] Add tests for the anonymous authentication listener
3c2affb
[Security] Update access listener constructor's prototype and add tests
81afd77
[Security] Add tests for the firewall map
aa6ae33
[Security] Remove useless attribute & var in firewall
Discussion
----------
Test security
---------------------------------------------------------------------------
by lsmith77 at 2011/06/29 13:41:07 -0700
@schmittjoh is probably the person to review this change ..
2011-07-04 12:47:32 +02:00
Antoine Hérault
164aea448a
[Security] Add tests for the channel listener
2011-06-26 11:56:08 +02:00
Antoine Hérault
d51cbc09b4
[Security] Remove useless attribute in basic authentication listener & test it
2011-06-26 11:29:43 +02:00
Antoine Hérault
91e6dc9fef
[Security] Add tests for the anonymous authentication listener
2011-06-26 11:28:17 +02:00
Antoine Hérault
3c2affb7e7
[Security] Update access listener constructor's prototype and add tests
2011-06-26 10:28:10 +02:00
Antoine Hérault
81afd77ed9
[Security] Add tests for the firewall map
2011-06-26 00:26:42 +02:00
Antoine Hérault
aa6ae33765
[Security] Remove useless attribute & var in firewall
2011-06-25 19:04:35 +02:00
Antoine Hérault
e43cd206b0
[Security] Fix http retry authentication entry point
2011-06-25 18:19:13 +02:00
Antoine Hérault
cb3ad8bb79
[Security] Fix http form authentication entry point
2011-06-25 18:01:08 +02:00
Antoine Hérault
1dfb637858
[Security] Fix http digest authentication entry point
2011-06-25 17:43:23 +02:00
Antoine Hérault
920a209bbc
[Security] Fix http basic authentication entry point
2011-06-25 17:15:23 +02:00
Fabien Potencier
1436d8dab7
[Security] added an HttpUtils class to manage logic related to Requests and Responses
...
This change removes the need for the {_locale} hack.
Now, all paths in the Security component can be:
* An absolute path (/login)
* An absolute URL (http://symfony.com/login )
* A route name (login)
So, if you want to use a path that includes a global parameter (like _locale),
use a route instead of a path.
2011-06-22 14:47:19 +02:00
Fabien Potencier
17cd08dc6c
fixed CS
2011-06-08 19:56:59 +02:00
Fabien Potencier
65200aa86a
added missing license headers
2011-05-31 10:57:06 +02:00
Fabien Potencier
66c4bc727c
[HttpFoundation] renamed Cookie::getExpire() to getExpiresTime() to be consistent with the DomCrawler component
2011-04-13 20:10:39 +02:00
Bernhard Schussek
466f1b99c5
[Security] Fixed method names in the Firewall listeners
2011-03-17 13:24:23 +01:00
Bernhard Schussek
06c682b4fb
Switched from Doctrine's EventManager implementation to the EventManager clone in Symfony2 (now called EventDispatcher again)
2011-03-13 19:49:10 +01:00
Bernhard Schussek
25931caeab
Merge remote branch 'symfony/master' into event-manager
...
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Debug/TraceableEventManager.php
src/Symfony/Bundle/WebProfilerBundle/WebDebugToolbarListener.php
src/Symfony/Component/Security/Http/Firewall.php
src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/AbstractPreAuthenticatedListener.php
src/Symfony/Component/Security/Http/Firewall/AccessListener.php
src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/ChannelListener.php
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
src/Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
src/Symfony/Component/Security/Http/Firewall/ListenerInterface.php
src/Symfony/Component/Security/Http/Firewall/LogoutListener.php
src/Symfony/Component/Security/Http/Firewall/RememberMeListener.php
src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
tests/Symfony/Tests/Component/Security/Http/Firewall/RememberMeListenerTest.php
2011-03-13 19:15:25 +01:00
Johannes Schmitt
97125269d2
[Security] fixed some tests
2011-03-11 12:50:52 +01:00
Johannes M. Schmitt
3d97638813
[Security] refactored remember-me code
2011-03-11 01:19:55 +01:00
Johannes Schmitt
1d5538fc60
[Security] various changes, see below
...
- visibility changes from protected to private
- AccountInterface -> UserInterface
- SecurityContext::vote() -> SecurityContext::isGranted()
2011-03-10 10:25:32 +01:00
Bernhard Schussek
2cf3779a2c
Renamed EventArgs classes and adapted remaining code to EventManager
...
The only missing part is ContainerAwareEventManager::addEventSubscriberService(),
because I'm not sure how to find out the class name of a service in the DIC.
Also, inline documentation of this code needs to be finished once it is accepted.
2011-03-07 19:16:05 +01:00
Fabien Potencier
8c423edfef
replaced symfony-project.org by symfony.com
2011-03-06 12:40:06 +01:00
Hugo Hamon
cd5d1bd62e
[Security] renamed Cookie::isHttponly() to Cookie::isHttpOnly()
2011-03-03 14:52:53 +01:00
Johannes Schmitt
621a79f1f2
[Security] added method to retrieve the configured remember-me parameter
2011-02-26 21:44:40 +01:00
Johannes M. Schmitt
44b89e5ac3
[Security] fixes a bug when clearing cookies on logout
2011-02-14 20:55:07 +01:00
Johannes M. Schmitt
cf64d2cfe7
namespace changes
...
Symfony\Component\Security -> Symfony\Component\Security\Core
Symfony\Component\Security\Acl remains unchanged
Symfony\Component\HttpKernel\Security -> Symfony\Component\Security\Http
2011-01-26 22:23:20 +01:00