8000 merged branch uwej711/security_target_path_master (PR #4409) · mageekguy/symfony@637aaac · GitHub
[go: up one dir, main page]
Skip to content
< 8000 script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/sessions-1e75b15ae60a.js">

Commit 637aaac

Browse files
fabpotfabpot
committed
merged branch uwej711/security_target_path_master (PR symfony#4409)
Commits ------- 8ffaafa Make the session entry for the target url firewall dependent. Discussion ---------- [Security] Make the session entry for the target url firewall dependent. Bug fix: yes Feature addition: no Backwards compatibility break: yes Symfony2 tests pass: yes Fixes the following tickets: License of the code: MIT If there are two firewalls (eg. main and admin), calling an protected admin url will direct you to the login form of the admin. If I ignore this and go to the login form of the main firewall directly I will end up being redirected to the stored admin target url, which will lead me to the admin login form again. --------------------------------------------------------------------------- by travisbot at 2012-05-25T09:33:44Z This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1431566) (merged 8ffaafa into 45849ce). --------------------------------------------------------------------------- by uwej711 at 2012-06-09T08:05:54Z Doesn't this make sense or did this slip through? Or is there something missing?
2 parents b26cd4c + 8ffaafa commit 637aaac

File tree

4 files changed

+11
-7
lines changed

4 files changed

+11
-7
lines changed

src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -551,13 +551,14 @@ private function createExceptionListener($container, $config, $id, $defaultEntry
551551
{
552552
$exceptionListenerId = 'security.exception_listener.'.$id;
553553
$listener = $container->setDefinition($exceptionListenerId, new DefinitionDecorator('security.exception_listener'));
554-
$listener->replaceArgument(3, null === $defaultEntryPoint ? null : new Reference($defaultEntryPoint));
554+
$listener->replaceArgument(3, $id);
555+
$listener->replaceArgument(4, null === $defaultEntryPoint ? null : new Reference($defaultEntryPoint));
555556

556557
// access denied handler setup
557558
if (isset($config['access_denied_handler'])) {
558-
$listener->replaceArgument(5, new Reference($config['access_denied_handler']));
559+
$listener->replaceArgument(6, new Reference($config['access_denied_handler']));
559560
} elseif (isset($config['access_denied_url'])) {
560-
$listener->replaceArgument(4, $config['access_denied_url']);
561+
$listener->replaceArgument(5, $config['access_denied_url']);
561562
}
562563

563564
return $exceptionListenerId;

src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -158,6 +158,7 @@
158158
<argument type="service" id="security.context" />
159159
<argument type="service" id="security.authentication.trust_resolver" />
160160
<argument type="service" id="security.http_utils" />
161+
<argument />
161162
<argument type="service" id="security.authentication.entry_point" on-invalid="null" />
162163
<argument>%security.access.denied_url%</argument>
163164
<argument type="service" id="security.access.denied_handler" on-invalid="null" />

src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -271,8 +271,8 @@ private function determineTargetUrl(Request $request)
271271
}
272272

273273
$session = $request->getSession();
274-
if ($targetUrl = $session->get('_security.target_path')) {
275-
$session->remove('_security.target_path');
274+
if ($targetUrl = $session->get('_security.' . $this->providerKey . '.target_path')) {
275+
$session->remove('_security.' . $this->providerKey . '.target_path');
276276

277277
return $targetUrl;
278278
}

src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -39,18 +39,20 @@
3939
class ExceptionListener
4040
{
4141
private $context;
42+
private $providerKey;
4243
private $accessDeniedHandler;
4344
private $authenticationEntryPoint;
4445
private $authenticationTrustResolver;
4546
private $errorPage;
4647
private $logger;
4748
private $httpUtils;
4849

49-
public function __construct(SecurityContextInterface $context, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null)
50+
public function __construct(SecurityContextInterface $context, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null)
5051
{
5152
$this->context = $context;
5253
$this->accessDeniedHandler = $accessDeniedHandler;
5354
$this->httpUtils = $httpUtils;
55+
$this->providerKey = $providerKey;
5456
$this->authenticationEntryPoint = $authenticationEntryPoint;
5557
$this->authenticationTrustResolver = $trustResolver;
5658
$this->errorPage = $errorPage;
@@ -180,7 +182,7 @@ protected function setTargetPath(Request $request)
180182
{
181183
// session isn't required when using http basic authentication mechanism for example
182184
if ($request->hasSession() && $request->isMethodSafe()) {
183-
$request->getSession()->set('_security.target_path', $request->getUri());
185+
$request->getSession()->set('_security.' . $this->providerKey . '.target_path', $request->getUri());
184186
}
185187
}
186188
}

0 commit comments

Comments
 (0)
0