Merge pull request #2835 from alcaeus/ticket_8226

weaverryan · weaverryan · commit f6eec742d070 · 2013-07-28T16:29:00.000-07:00
[WCM] Fix example code to reflect changes for #8226
diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst
@@ -144,7 +144,11 @@ set an authenticated token in the security context if successful.
                 // ... you might log something here
 
                 // To deny the authentication clear the token. This will redirect to the login page.
-                // $this->securityContext->setToken(null);
+                // Make sure to only clear your token, not those of other authentication listeners.
+                // $token = $this->securityContext->getToken();
+                // if ($token instanceof WsseUserToken && $this->providerKey === $token->getProviderKey()) {
+                //     $this->securityContext->setToken(null);
+                // }
                 // return;
 
                 // Deny authentication with a '403 Forbidden' HTTP response
