Johannes Schmitt
b67a1dd677
[Security] forward the entire access denied exception instead of only the message
2011-03-05 14:30:08 +01:00
Cyril Quintin
310a6c99a2
TICKET #9557 : session isn't required when using http basic authentification mecanism for example
2011-03-05 13:33:56 +01:00
Pascal Borreli
843d5a8399
[Security] Fixed Typo
2011-03-01 18:58:08 +01:00
Fabien Potencier
c99a44b1e8
Merge remote branch 'schmittjoh/security'
...
* schmittjoh/security:
[Security] added method to retrieve the configured remember-me parameter
[Security] Copy token attributes when auth providers create a new token from another
2011-02-27 22:20:44 +01:00
Pascal Borreli
787812d968
[Security] Removed useless else
2011-02-27 18:36:38 +01:00
Johannes Schmitt
621a79f1f2
[Security] added method to retrieve the configured remember-me parameter
2011-02-26 21:44:40 +01:00
Pascal Borreli
2fbb8e07f8
[Security] Fixed typo
2011-02-26 20:02:06 +01:00
Fabien Potencier
353177d1d6
replaced Response::createRedirect by a new RedirectResponse class
2011-02-21 18:10:53 +01:00
Fabien Potencier
d94acd85f9
remove response as a service
...
The Response is not available in the DIC anymore.
When you need to create a response, create an instance of
Symfony\Component\HttpFoundation\Response instead.
As a side effect, the Controller::createResponse() and Controller::redirect()
methods have been removed and can easily be replaced as follows:
return $this->createResponse('content', 200, array('foo' => 'bar'));
return new Response('content', 200, array('foo' => 'bar'));
return $this->redirect($url);
return Response::createRedirect($url);
2011-02-21 17:36:04 +01:00
Johannes Schmitt
82c6844147
[Security] moved Security classes out of DoctrineBundle, cleaned-up SecurityExtension accordingly
...
Note that this commit removes the built-in support for MongoDB user providers.
This code can be moved back in once there is a stable release for MongoDB, but
for now you have to set-up that user provider just like you would set-up any
custom user provider:
security:
providers:
document_provider:
id: my.mongo.provider
2011-02-16 23:00:27 +01:00
Johannes Schmitt
dfd921822a
[Security/Http] Adds CSRF protection to the form-login
2011-02-16 23:00:27 +01:00
Johannes M. Schmitt
bc05bef2b9
[Security] fixes a bug in DigestAuthenticationListener
2011-02-14 20:55:07 +01:00
Johannes M. Schmitt
44b89e5ac3
[Security] fixes a bug when clearing cookies on logout
2011-02-14 20:55:07 +01:00
Johannes Schmitt
b685b3ab4d
[Security] adds logout success handler
2011-02-14 20:55:07 +01:00
Johannes Schmitt
9e6fc0a11e
[Security] fixes a bug where authentication errors might have leaked confidential information
2011-02-14 20:55:06 +01:00
Deni
657f90a931
[Security] Fixed missed argument in call custom handler when authentication is successful.
2011-02-13 22:27:28 +01:00
dordille
205621dee8
Changed namepace use of SecurityContext to SecurityContextInterface so that constant SecurityContextInterface::LAST_USERNAME would resolve properly
...
Also changed method signature of __construct to take and instance of SecurityContextInterface instead of SecurityContext
2011-02-13 10:36:15 +01:00
Johannes M. Schmitt
3dfc09cd8d
[Security] fixes some regressions
2011-02-13 00:15:57 +01:00
Johannes Schmitt
19bbafc441
[Security] Refactored security context, moved getUser() implementation to templating
2011-02-12 21:53:04 +01:00
Christophe Coevoet
74b87294c2
Fixed access denied handling
2011-02-10 15:32:59 +01:00
Fabien Potencier
37537e3e8c
fixed previous commit
2011-02-04 19:38:42 +01:00
Lukas Kahwe Smith
dd71501f54
some fixes by just "blindly" trying to make phpStorm code analysis happier
2011-02-04 19:30:28 +01:00
Lukas Kahwe Smith
661d5d236c
fixed method call, cosmetic variable rename
2011-02-04 00:32:15 +01:00
Fabien Potencier
5288381f61
Revert "[Security] Missing Event namespace in SwitchUserListener"
...
This reverts commit 0169892dcd
.
2011-02-02 14:35:29 +01:00
Jeremy Mikola
0169892dcd
[Security] Missing Event namespace in SwitchUserListener
2011-02-02 11:32:56 +01:00
Johannes M. Schmitt
2b697423b4
[Security] bug fix in FormAuthenticationEntryPoint
2011-02-02 11:31:28 +01:00
Johannes M. Schmitt
fbc21fedf7
[Security] some bug fixes
2011-02-02 11:31:28 +01:00
Sergey Linnik
92ddaa11cd
Fixed typo
2011-01-28 18:46:27 +01:00
Bulat Shakirzyanov
81219bba15
[Security] fixed typo
2011-01-28 18:20:59 +01:00
Johannes M. Schmitt
8ccb8eb8c2
added two events "security.interactive_login", and "security.switch_user"
2011-01-27 13:49:01 +01:00
Johannes M. Schmitt
00d3d8c3bc
renamed PreAuthenticatedListener to AbstractPreAuthenticatedListener to be consistent
2011-01-27 13:49:01 +01:00
Johannes Schmitt
139510a78e
added some doc comments
2011-01-27 13:49:00 +01:00
Johannes M. Schmitt
cf64d2cfe7
namespace changes
...
Symfony\Component\Security -> Symfony\Component\Security\Core
Symfony\Component\Security\Acl remains unchanged
Symfony\Component\HttpKernel\Security -> Symfony\Component\Security\Http
2011-01-26 22:23:20 +01:00