8000 Multiple memory user providers issue · Issue #10818 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

Multiple memory user providers issue #10818

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Renrhaf opened this issue Apr 29, 2014 · 3 comments
Closed

Multiple memory user providers issue #10818

Renrhaf opened this issue Apr 29, 2014 · 3 comments

Comments

@Renrhaf
Copy link
Renrhaf commented Apr 29, 2014

In the case when there are multiple memory user providers for different firewalls

security:
    ...
    ...

    providers:
        admin:          
            memory:
                users:
                    user1: { password: user1, roles: [ 'ROLE_ADMIN' ] }
                    user2: { password: user2, roles: [ 'ROLE_ADMIN' ] }

        print:          
            memory:
                users:
                    user3: { password: user3, roles: [ 'ROLE_PRINT' ] }
                    user4: { password: user4, roles: [ 'ROLE_PRINT' ] }

    firewalls:
        ...
        ...

        download:
            pattern: ^/download
            provider:  print

        admin:
            pattern: ^/admin
            provider:  admin

An error occurs with the firewall using the second memory user provider.
During the refresh of the user, the first memory user provider is used instead of the specified one and fail.
This results in the loss of the user token and the global login process failure.

This takes place in

Symfony\Component\Security\Http\Firewall\ContextListener.php

In the function

refreshUser(TokenInterface $token)

Line 175 : the return after an unsuccessfull user loading, but for the first defined user memory provider, not the right one if it is on second or any other position.

I wonder why is there a return statement in this position ? Why not letting all the providers try to load the user ? Why not using the provider specified in the firewall if it is possible ?

I hope it's clear enought to be understandable...
Regards
@CodiliciousXX
Copy link

I also met the same issue. Can someone more efficient in Symfony core have a look at this please?

@Renrhaf
Copy link
Author
Renrhaf commented May 3, 2014

Seems to be the same issue as discussed here : #4498
Do I have to close this issue then ?

@fabpot
Copy link
Member
fabpot commented May 4, 2014

Yes

@fabpot fabpot closed this as completed May 4, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fabpot @Renrhaf @CodiliciousXX
0