1

Long time i was on Symfony 2.0 version and my custom authentication provider works. Now i decided to upgrade to newest version. First step was upgrade to 2.1, then 2.2 and so on. But i stuck during first step to 2.1. Upgrade was succesfuly done, but user authentication does not work. After every login im redirect back to login form.

I have created user provider and authentication provider exactly as in documentation: http://symfony.com/doc/2.0/cookbook/security/custom_authentication_provider.html http://symfony.com/doc/2.0/cookbook/security/custom_provider.html

I make every version changes as added equatableInterface and change equals() to isEqualTo() method in UserProvider.

And in AuthenticationProvider I moved Factory configuration to bundle class.

In version 2.1 are many changes related to Security. (https://github.com/symfony/symfony/blob/master/UPGRADE-2.1.md) Every change I edited.

My Token persisting in controller looks like this:

$authenticatedToken = new UsernamePasswordToken($user, null, 'back_area', array($result->roles));
$request = $this->getRequest();
$session = $request->getSession();
$session->set('_security_back_area',  $authenticatedToken->serialize());

$this->get('security.context')->setToken($authenticatedToken);

And security.yml:

providers:
    users:
      id: login_user_provider
back_area:
    pattern:  ^/admin
    provider: users
    form_login:
        check_path: _security_check_back
        login_path: _security_login_back
    logout:
        path:   _security_logout_back
        Mytarget: /admin/

routing.yml

_security_login_back:
    pattern:  /a/login
    defaults: { _controller: MyBackBundle:Default:login }

_security_check_back:
    pattern:  /a/login_check

_security_logout_back:
    pattern:  /admin/logout

After this persist, if I dump security.context, there is persisted token, but after page redirect, the token (in security.context) is NULL.

gavec
  • 205
  • 5
  • 17
  • You will need to replace your explicit routes with named routes but that is not a problem for S2.1. You should not need to set the security context in a controller. The listener/auth provider should do that. Hard to get more specific. Maybe take a look at https://github.com/hwi/HWIOAuthBundle for a working example. – Cerad May 03 '13 at 15:05
  • Thanks. I edited my question, where I added routing.yml and changed security.yml. Is it all right now? As you told, the problem wasn`t removed. If I try to add die() function to my listener constructor, nothing happen. Can`t be problem here? That the symfony doesn`t know about listener? The same is with Other classes from custom auth. provider documentation (Token, Provider..). – gavec May 03 '13 at 18:04
  • Yep. Read through the master version of the cookbook article. The whole startup sequence changed significantly in 2.1. – Cerad May 03 '13 at 20:28
  • In WsseListener is required "x-wsse" parameter in header. What I have to do, to add this parameter into header?. – gavec May 04 '13 at 01:32
  • Nobody with some hint, how to insert x-wsse parameter into header? I cant find it anywhere :/ – gavec Jun 25 '13 at 14:30

0 Answers0