Ok I tried, but it seems like no matter what I do on Trac I get this "Internal trac error" when I try to submit a ticket: "IntegrityError: columns ticket, name are not unique" no matter what options I choose or what I write into the report.
Here is my ticket, though: ----- This ticket concerns the EntityUserProvider::loadUserByAccount() class method. The method receives an object of type AccountInterface, retrieves a string-form login identifier from AccountInterface and passes the identifier on to EntityUserProvider::loadUserByUsername(). The retrieval of this login identifier is done with a call to AccountInterface::toString() although there is an AccountInterface::getUsername() method also defined in the AccountInterface interface. In an example case where the account is identified by email_address and shown to others by first_name and last_name, it is more obvious to make toString() return the user's real name and expect EntityUserProvider to use getUsername() to retrieve the login identifier. Currently if a developer fails to implement the toString() method for what purpose it is used, the developer gets no error but a valid authentication is reset back to anonymous authentication on the next page load with no sign of the cause. Thanks, Jaakko R. [email protected] On Sun, Jan 23, 2011 at 6:49 PM, Johannes <[email protected]> wrote: > I think we can change the implementation here to always call - > >getUsername(), can you file a ticket on http://trac.symfony-project.org? > > Thanks, > Johannes > > On 22 Jan., 21:46, taidehuone <[email protected]> wrote: > > I would like to comment on EntityUserProvider's loadUserByAccount() > method. > > Unlike loadUserByUsername() which receives a plain string-form login > > identifier for authentication, loadUserByAccount() has to retrieve the > > string identifier from a supplied AccountInterface object. This is very > > fine. > > > > However it was not at all obvious to me that loadUserByAccount() > retrieves > > the string identifier with a call to MyUserEntity->__toString() when > there > > is a getUsername() method also implemented in AccountInterface. It was > more > > obvious for me to have __toString() return the user's real name shown to > > others instead of an email address which I use for logging in users. As a > > result I spent several hours digging the symfony code. Debugging wasn't > > straight forward as I would only see a successful authentication turn > into > > an anonymous user on the next page load. > > > > Thank you, > > Jaakko R. > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony developers" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected]<symfony-devs%[email protected]> > For more options, visit this group at > http://groups.google.com/group/symfony-devs?hl=en > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
