
[SecurityBundle] made user and credentials configuration for X509 authentication

Fabien Potencier 14 anni fa
parent
commit
2610e1b699

+ 4 - 0
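--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/X509Factory.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/X509Factory.php
@@ -38,6 +38,8 @@ class X509Factory implements SecurityFactoryInterface
         $listenerId = 'security.authentication.listener.x509.'.$id;
         $listener = $container->setDefinition($listenerId, new DefinitionDecorator('security.authentication.listener.x509'));
         $listener->setArgument(2, $id);
+        $listener->setArgument(3, $config['user']);
+        $listener->setArgument(4, $config['credentials']);
 
         return array($provider, $listenerId, $defaultEntryPoint);
     }
@@ -56,6 +58,8 @@ class X509Factory implements SecurityFactoryInterface
     {
         $builder
             ->scalarNode('provider')->end()
+            ->scalarNode('user')->defaultValue('SSL_CLIENT_S_DN_Email')->end()
+            ->scalarNode('credentials')->defaultValue('SSL_CLIENT_S_DN')->end()
         ;
     }
 }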
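Review bot: The new `user` and `credentials` nodes in the second hunk accept any scalar, yet `setArgument(3, $config['user'])` and `setArgument(4, $config['credentials'])` hand those values to the X.509 listener, which presumably uses them as the names of the server variables holding the certificate identity. Now that they are set per firewall, a value naming a variable derived from a request header would make the listener trust client-supplied data instead of the verified certificate, and an empty value is not rejected either. I would state the constraint next to the nodes, e.g. `// must name variables set by the web server's TLS module after client-certificate verification, never an HTTP_* variable`, and reject empty values if the builder supports it (`->cannotBeEmpty()`). Both enclosing methods start outside the hunks, so the listener's own handling of a missing variable is not visible here.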

+ 7 - 9
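--- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
@@ -19,11 +19,9 @@
         <parameter key="security.authentication.digest_entry_point.class">Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint</parameter>
 
         <parameter key="security.authentication.listener.x509.class">Symfony\Component\Security\Http\Firewall\X509AuthenticationListener</parameter>
-        <parameter key="security.authentication.x509.user">SSL_CLIENT_S_DN_Email</parameter>
-        <parameter key="security.authentication.x509.credentials">SSL_CLIENT_S_DN</parameter>
 
         <parameter key="security.authentication.listener.anonymous.class">Symfony\Component\Security\Http\Firewall\AnonymousAuthenticationListener</parameter>
-        
+
         <parameter key="security.authentication.switchuser_listener.class">Symfony\Component\Security\Http\Firewall\SwitchUserListener</parameter>
 
         <parameter key="security.logout_listener.class">Symfony\Component\Security\Http\Firewall\LogoutListener</parameter>
@@ -38,10 +36,10 @@
         <parameter key="security.authentication.provider.dao.class">Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider</parameter>
         <parameter key="security.authentication.provider.pre_authenticated.class">Symfony\Component\Security\Core\Authentication\Provider\PreAuthenticatedAuthenticationProvider</parameter>
 
-        <parameter key="security.authentication.provider.anonymous">Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider</parameter>
+        <parameter key="security.authentication.provider.anonymous.class">Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider</parameter>
         <parameter key="security.anonymous.key">SomeRandomValue</parameter>
     </parameters>
-    
+
     <services>
         <service id="security.authentication.listener.anonymous" class="%security.authentication.listener.anonymous.class%" public="false">
             <argument type="service" id="security.context" />
@@ -49,7 +47,7 @@
             <argument type="service" id="logger" on-invalid="null" />
         </service>
 
-        <service id="security.authentication.provider.anonymous" class="%security.authentication.provider.anonymous%" public="false">
+        <service id="security.authentication.provider.anonymous" class="%security.authentication.provider.anonymous.class%" public="false">
             <argument>%security.anonymous.key%</argument>
         </service>
 
@@ -107,9 +105,9 @@
         <service id="security.authentication.listener.x509" class="%security.authentication.listener.x509.class%" public="false" abstract="true">
             <argument type="service" id="security.context" />
             <argument type="service" id="security.authentication.manager" />
-            <argument />
-            <argument>%security.authentication.x509.user%</argument>
-            <argument>%security.authentication.x509.credentials%</argument>
+            <argument /> <!-- Provider-shared Key -->
+            <argument /> <!-- x509 user -->
+            <argument /> <!-- x509 credentials -->
             <argument type="service" id="logger" on-invalid="null" />
             <argument type="service" id="event_dispatcher" on-invalid="null"/>
         </service>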
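Review bot: Removing the `security.authentication.x509.user` and `security.authentication.x509.credentials` parameters in the first hunk is a silent behaviour change for any application that overrode them. The override is now ignored without an error, and the firewall falls back to the factory defaults `SSL_CLIENT_S_DN_Email` / `SSL_CLIENT_S_DN`, which changes which server variable identifies the user. This deserves an upgrade note pointing to the new per-firewall `user` and `credentials` keys. In the last hunk the abstract `security.authentication.listener.x509` definition now leaves arguments 3 and 4 empty, so any definition that decorates it without going through `X509Factory` passes empty values to the listener. I would extend the placeholder comments to say so, e.g. `<!-- x509 user: server variable name, set by X509Factory -->`.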