f557f943ba
This PR was squashed before being merged into the 4.2-dev branch (closes #26981).
Discussion
----------
No more support for custom anon/remember tokens based on FQCN
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #26940
| License | MIT
| Doc PR | ~
This PR deprecates the ability to configure a custom anonymous and remember me token class, via the AuthenticationTrustResolver. The only change required _if_ you have changed the token classes like this, is to extend the Anonymous/RememberMe token classes.
Commits
-------
860d4549c2 No more support for custom anon/remember tokens based on FQCN
25 lines
1.2 KiB
Markdown
25 lines
1.2 KiB
Markdown
UPGRADE FROM 4.1 to 4.2
|
|
=======================
|
|
|
|
Security
|
|
--------
|
|
|
|
* Using the `has_role()` function in security expressions is deprecated, use the `is_granted()` function instead.
|
|
* Not returning an array of 3 elements from `FirewallMapInterface::getListeners()` is deprecated, the 3rd element
|
|
must be an instance of `LogoutListener` or `null`.
|
|
* Passing custom class names to the
|
|
`Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver` to define
|
|
custom anonymous and remember me token classes is deprecated. To
|
|
use custom tokens, extend the existing `Symfony\Component\Security\Core\Authentication\Token\AnonymousToken`
|
|
or `Symfony\Component\Security\Core\Authentication\Token\RememberMeToken`.
|
|
|
|
SecurityBundle
|
|
--------------
|
|
|
|
* Passing a `FirewallConfig` instance as 3rd argument to the `FirewallContext` constructor is deprecated,
|
|
pass a `LogoutListener` instance instead.
|
|
* Using the `security.authentication.trust_resolver.anonymous_class` and
|
|
`security.authentication.trust_resolver.rememberme_class` parameters to define
|
|
the token classes is deprecated. To use
|
|
custom tokens extend the existing AnonymousToken and RememberMeToken.
|