Hi Matthias,
On 9/13/10 11:02 AM, Matthias Nothhaft wrote:
Hi,
I've created a heavily extended version of the sfUser class in my
mdUserPlugin [1] with many additional features. (sorry, no docs, not
100% unit tested..). I have some ideas to make it even better by
moving things into dedicated "sub services" and some other
refactorings.. For example I'm currently thinking about moving the sf
1.4 credentials handling into its own "credential bag" so one can
easily replace it. Anyway.. I'm very interested in the sycurity
features of Symfony2. Maybe you can already give some rough
information of the new concept?
Basically, I want Symfony2 to support more than just username/password
authentication methods. Symfony2 security should work easily with HTTP
auth, CAS, OpenId, X509 certificates, and some more. So, the code will
leave in a dedicated component (Security), and integration will be done
in the FrameworkBundle bundle (should be light enough). The Security
component won't be tied to any other Symfony2 components either, and
will be usable outside of a Symfony2 MVC project. You can think about it
as being a sfGuardPlugin on steroid. I cannot say much more than that
right now as I don't have much code yet.
Fabien
regards,
Matthias
[1]
http://github.com/mahono/mdUserPlugin/blob/master/lib/user/mdAdvancedSecurityUser.php
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
