49a8654cb8
On the advice of @schmittjoh, this commit adds a LogoutException class for use by LogoutListener if the CSRF token is invalid. The handling in the Security component's ExceptionListener is modeled after AccessDeniedException, which gets wrapped in an AccessDeniedHttpException in the absence of handler service or error page (I didn't think it was appropriate to re-use those for LogoutException). |
||
---|---|---|
.. | ||
Acl | ||
Core | ||
Http | ||
composer.json | ||
LICENSE | ||
README.md |
Security Component
Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.
Resources
Unit tests:
https://github.com/symfony/symfony/tree/master/tests/Symfony/Tests/Component/Security
Documentation: