I was reviewing how sfDoctrineGuardPlugin control the sign in and i found that this plugin doesn't make any validation about the status of the user (i think this should be with the is_active field). I realized about this because i have a user with is_active = 0 and this user can sign in without any problems.
My doubt is if this behavior is normal and we have to ensure or maybe is a security problem. Thanks for your answers. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
