8000 Inconsistency in security factories · Issue #22473 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

Inconsistency in security factories #22473

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Toflar opened this issue Apr 19, 2017 · 5 comments · Fixed by #36243
Closed

Inconsistency in security factories #22473

Toflar opened this issue Apr 19, 2017 · 5 comments · Fixed by #36243
Labels
Feature Security

Comments

@Toflar
Copy link
Contributor
Toflar commented Apr 19, 2017
edited
Loading
Q A
Bug report? no
Feature request? yes
BC Break report? no
RFC? no
Symfony version all

I've implemented my own security authentication using a custom factory as e.g. described in the docs here.
I read the source code in SecurityExtension carefully and as far as I could see, thanks to the support for factories and the AbstractFactory I was able to quickly have my own listener, provider etc. registered. Configuring it in my security.yml was as easy as this:

firewall_name:
    pattern: ~
    anonymous: true
    my_factory_key: { my_factory_settings: foobar }

However, this does not work for logout. As you can see here, logout has to be explicitly defined on the firewall so I cannot just use my factory to provide my own logout listeners. I would like to replace the logout listener because I don't want it to check for a path but for request parameters to be present.
I just wonder if this is on purpose or if this is actually an inconsistency? Maybe anyone can tell me :-)
@sh4ka
Copy link
sh4ka commented Apr 25, 2017

I think you should enable the logout option in the firewall like this: http://symfony.com/doc/current/security.html#logging-out

@Toflar
Copy link
Contributor Author
Toflar commented Apr 25, 2017

This is not what I need. My firewall does not support logging out on a specific route but on certain request attributes which is why I need to adjust the default logout listener.

@ro0NL
Copy link
Contributor
ro0NL commented Apr 26, 2017

I think your stuck :) The bundle config only supports the default logout handler, which is path based :(

Can you move forward when decorating security.logout_listener?

Would be nice if we could do something like logout: { id: some-service } on each firewall 👍

@Toflar
Copy link
Contributor Author
Toflar commented Apr 26, 2017

Would be nice if we could do something like logout: { id: some-service } on each firewall 👍

Yeah, I just wonder why nobody else had this problem before which is why I'm kinda feeling I'm missing something 😄

@ro0NL
Copy link
Contributor
ro0NL commented Apr 26, 2017

We all use path-based logout :P

@ro0NL ro0NL mentioned this issue Apr 28, 2017
Closed
@wouterj wouterj mentioned this issue Mar 27, 2020
Merged
@fabpot fabpot closed this as completed in 1fc7b86 Apr 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Feature Security
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Security] Refactor logout listener to dispatch an event instead wouterj/symfony
4 participants
@javiereguiluz @Toflar @ro0NL @sh4ka
0