[SecurityBundle] made the anonymous key parameter configurable and random by default

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Configuration.php

@@ -156,7 +156,9 @@ class Configuration
                             ->prototype('scalar')->end()
                         ->end()
                     ->end()
-                    ->booleanNode('anonymous')->defaultFalse()->end()
+                    ->arrayNode('anonymous')
+                        ->scalarNode('key')->defaultValue(function () { return uniqid(); })->end()
+                    ->end()
                     ->arrayNode('switch_user')
                         ->scalarNode('provider')->end()
                         ->scalarNode('parameter')->defaultValue('_switch_user')->end()

src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

@@ -345,9 +345,22 @@ class SecurityExtension extends Extension
         }
 
         // Anonymous
-        if ($firewall['anonymous']) {
-            $listeners[] = new Reference('security.authentication.listener.anonymous');
-            $authenticationProviders[] = 'security.authentication.provider.anonymous';
+        if (isset($firewall['anonymous'])) {
+            $listenerId = 'security.authentication.listener.anonymous.'.$id;
+            $container
+                ->setDefinition($listenerId, new DefinitionDecorator('security.authentication.listener.anonymous'))
+                ->setArgument(1, $firewall['anonymous']['key'])
+            ;
+
+            $listeners[] = new Reference($listenerId);
+
+            $providerId = 'security.authentication.provider.anonymous.'.$id;
+            $container
+                ->setDefinition($providerId, new DefinitionDecorator('security.authentication.provider.anonymous'))
+                ->setArgument(0, $firewall['anonymous']['key'])
+            ;
+
+            $authenticationProviders[] = $providerId;
             $hasListeners = true;
         }
 

src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml

@@ -37,18 +37,17 @@
         <parameter key="security.authentication.provider.pre_authenticated.class">Symfony\Component\Security\Core\Authentication\Provider\PreAuthenticatedAuthenticationProvider</parameter>
 
         <parameter key="security.authentication.provider.anonymous.class">Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider</parameter>
-        <parameter key="security.anonymous.key">SomeRandomValue</parameter>
     </parameters>
 
     <services>
         <service id="security.authentication.listener.anonymous" class="%security.authentication.listener.anonymous.class%" public="false">
             <argument type="service" id="security.context" />
-            <argument>%security.anonymous.key%</argument>
+            <argument /> <!-- Key -->
             <argument type="service" id="logger" on-invalid="null" />
         </service>
 
         <service id="security.authentication.provider.anonymous" class="%security.authentication.provider.anonymous.class%" public="false">
-            <argument>%security.anonymous.key%</argument>
+            <argument /> <!-- Key -->
         </service>
 
         <service id="security.authentication.retry_entry_point" class="%security.authentication.retry_entry_point.class%" public="false" />

src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php

@@ -83,7 +83,7 @@ abstract class SecurityExtensionTest extends \PHPUnit_Framework_TestCase
                 'security.authentication.listener.form.secure',
                 'security.authentication.listener.basic.secure',
                 'security.authentication.listener.digest.secure',
-                'security.authentication.listener.anonymous',
+                'security.authentication.listener.anonymous.secure',
                 'security.access_listener',
                 'security.authentication.switchuser_listener.secure',
             ),