diff --git a/UPGRADE-3.4.md b/UPGRADE-3.4.md index 6561c15a0b46f..3bfbde4b32d5c 100644 --- a/UPGRADE-3.4.md +++ b/UPGRADE-3.4.md @@ -316,6 +316,10 @@ SecurityBundle * Deprecated the HTTP digest authentication: `HttpDigestFactory` will be removed in 4.0. Use another authentication system like `http_basic` instead. + + * Not configuring explicitly the provider on a firewall is ambiguous when there is more than one registered provider. + Using the first configured provider is deprecated since 3.4 and will throw an exception on 4.0. + Explicitly configure the provider to use on your firewalls. Translation ----------- diff --git a/UPGRADE-4.0.md b/UPGRADE-4.0.md index 688a309466b5d..c3ba0ed84c9d4 100644 --- a/UPGRADE-4.0.md +++ b/UPGRADE-4.0.md @@ -693,6 +693,10 @@ SecurityBundle * Removed the HTTP digest authentication system. The `HttpDigestFactory` class has been removed. Use another authentication system like `http_basic` instead. + + * Not configuring explicitly the provider on a firewall is ambiguous when there is more than one registered provider. + The first configured provider is not used anymore and an exception is thrown instead. + Explicitly configure the provider to use on your firewalls. Serializer ---------- diff --git a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md index 4d5a1b8f86eab..9b02ebac34eee 100644 --- a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md +++ b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md @@ -17,6 +17,7 @@ CHANGELOG * deprecated command `acl:set` along with `SetAclCommand` class * deprecated command `init:acl` along with `InitAclCommand` class * Added support for the new Argon2i password encoder + * deprecated auto picking the first registered provider when no configured provider on a firewall and ambiguous 3.3.0 ----- diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php index 45ab00ac47871..231d5dae7223d 100644 --- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php +++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php @@ -359,6 +359,10 @@ private function createFirewall(ContainerBuilder $container, $id, $firewall, &$a $defaultProvider = $providerIds[$normalizedName]; } else { $defaultProvider = reset($providerIds); + + if (count($providerIds) > 1) { + @trigger_error(sprintf('Firewall "%s" has no "provider" set but multiple providers exist. Using the first configured provider (%s) is deprecated since 3.4 and will throw an exception in 4.0, set the "provider" key on the firewall instead.', $id, key($providerIds)), E_USER_DEPRECATED); + } } $config->replaceArgument(5, $defaultProvider); diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1.php index a80f880f80850..433c9ed2ecb22 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1.php @@ -60,8 +60,9 @@ ), 'firewalls' => array( - 'simple' => array('pattern' => '/login', 'security' => false), + 'simple' => array('provider' => 'default', 'pattern' => '/login', 'security' => false), 'secure' => array('stateless' => true, + 'provider' => 'default', 'http_basic' => true, 'form_login' => true, 'anonymous' => true, @@ -74,6 +75,7 @@ 'logout_on_user_change' => true, ), 'host' => array( + 'provider' => 'default', 'pattern' => '/test', 'host' => 'foo\\.example\\.org', 'methods' => array('GET', 'POST'), @@ -82,6 +84,7 @@ 'logout_on_user_change' => true, ), 'with_user_checker' => array( + 'provider' => 'default', 'user_checker' => 'app.user_checker', 'anonymous' => true, 'http_basic' => true, diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1_with_acl.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1_with_acl.php index fc9b07c4f18b2..4dd85111cfb22 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1_with_acl.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1_with_acl.php @@ -61,8 +61,9 @@ ), 'firewalls' => array( - 'simple' => array('pattern' => '/login', 'security' => false), + 'simple' => array('provider' => 'default', 'pattern' => '/login', 'security' => false), 'secure' => array('stateless' => true, + 'provider' => 'default', 'http_basic' => true, 'http_digest' => array('secret' => 'TheSecret'), 'form_login' => true, @@ -75,6 +76,7 @@ 'user_checker' => null, ), 'host' => array( + 'provider' => 'default', 'pattern' => '/test', 'host' => 'foo\\.example\\.org', 'methods' => array('GET', 'POST'), @@ -82,6 +84,7 @@ 'http_basic' => true, ), 'with_user_checker' => array( + 'provider' => 'default', 'user_checker' => 'app.user_checker', 'anonymous' => true, 'http_basic' => true, diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1_with_digest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1_with_digest.php index 581407fcc05a5..df57aee64bac7 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1_with_digest.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1_with_digest.php @@ -61,8 +61,9 @@ ), 'firewalls' => array( - 'simple' => array('pattern' => '/login', 'security' => false), + 'simple' => array('provider' => 'default', 'pattern' => '/login', 'security' => false), 'secure' => array('stateless' => true, + 'provider' => 'default', 'http_basic' => true, 'http_digest' => array('secret' => 'TheSecret'), 'form_login' => true, @@ -76,6 +77,7 @@ 'logout_on_user_change' => true, ), 'host' => array( + 'provider' => 'default', 'pattern' => '/test', 'host' => 'foo\\.example\\.org', 'methods' => array('GET', 'POST'), @@ -84,6 +86,7 @@ 'logout_on_user_change' => true, ), 'with_user_checker' => array( + 'provider' => 'default', 'user_checker' => 'app.user_checker', 'anonymous' => true, 'http_basic' => true, diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1.xml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1.xml index 01a5940d8c699..56052deb4a1a1 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1.xml +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1.xml @@ -43,9 +43,9 @@ - + - + @@ -57,12 +57,12 @@ - + - + app.user_checker diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1_with_acl.xml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1_with_acl.xml index 6d43fcdc4ff80..fbe21f0bb1742 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1_with_acl.xml +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1_with_acl.xml @@ -44,9 +44,9 @@ - + - + @@ -59,12 +59,12 @@ - + - + app.user_checker diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1_with_digest.xml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1_with_digest.xml index e5049f2033e51..790a90714a4e1 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1_with_digest.xml +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1_with_digest.xml @@ -45,9 +45,9 @@ - + - + @@ -60,12 +60,12 @@ - + - + app.user_checker diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1.yml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1.yml index d9489abca1358..292154660b6dc 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1.yml +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1.yml @@ -43,6 +43,7 @@ security: firewalls: simple: { pattern: /login, security: false } secure: + provider: default stateless: true http_basic: true form_login: true @@ -56,6 +57,7 @@ security: user_checker: ~ host: + provider: default pattern: /test host: foo\.example\.org methods: [GET,POST] @@ -64,6 +66,7 @@ security: logout_on_user_change: true with_user_checker: + provider: default anonymous: ~ http_basic: ~ user_checker: app.user_checker diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1_with_acl.yml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1_with_acl.yml index e8ed61ef031b9..176494e8ba93f 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1_with_acl.yml +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1_with_acl.yml @@ -44,6 +44,7 @@ security: firewalls: simple: { pattern: /login, security: false } secure: + provider: default stateless: true http_basic: true http_digest: @@ -59,6 +60,7 @@ security: user_checker: ~ host: + provider: default pattern: /test host: foo\.example\.org methods: [GET,POST] @@ -66,6 +68,7 @@ security: http_basic: true with_user_checker: + provider: default anonymous: ~ http_basic: ~ user_checker: app.user_checker diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1_with_digest.yml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1_with_digest.yml index a2b57201bfbd2..1e984256f33d1 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1_with_digest.yml +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1_with_digest.yml @@ -44,6 +44,7 @@ security: firewalls: simple: { pattern: /login, security: false } secure: + provider: default stateless: true http_basic: true http_digest: @@ -59,6 +60,7 @@ security: user_checker: ~ host: + provider: default pattern: /test host: foo\.example\.org methods: [GET,POST] @@ -67,6 +69,7 @@ security: logout_on_user_change: true with_user_checker: + provider: default anonymous: ~ http_basic: ~ user_checker: app.user_checker diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php index 1055e4afd40f6..3dd1f817ae618 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php @@ -148,6 +148,31 @@ public function testDeprecationForUserLogout() $container->compile(); } + /** + * @group legacy + * @expectedDeprecation Firewall "default" has no "provider" set but multiple providers exist. Using the first configured provider (first) is deprecated since 3.4 and will throw an exception in 4.0, set the "provider" key on the firewall instead. + */ + public function testDeprecationForAmbiguousProvider() + { + $container = $this->getRawContainer(); + + $container->loadFromExtension('security', array( + 'providers' => array( + 'first' => array('id' => 'foo'), + 'second' => array('id' => 'bar'), + ), + + 'firewalls' => array( + 'default' => array( + 'http_basic' => null, + 'logout_on_user_change' => true, + ), + ), + )); + + $container->compile(); + } + protected function getRawContainer() { $container = new ContainerBuilder(); pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy