In the time it took for the posting to be published I realized that i
was wrong - when i use the app without login there is some session
data
saved (default language, ...). But with login still nothing is saved.
Here's an excerpt from the log. One can clearly see that it performs
the
authentication and then writes to session only to not find the token
later.
2011-02-02T10:05:06+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Bundle\FrameworkBundle
\RequestListener::handle" (notifyUntil)
2011-02-02T10:05:06+01:00 INFO: Matched route
"_security_check" (parameters:
{"_controller":"fos_user.controller.security:loginAction","_route":"_security_check"})
2011-02-02T10:05:06+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Bundle\FrameworkBundle\HttpFoundation
\SessionListener::handle" (notifyUntil)
2011-02-02T10:05:06+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Component\Security\Http
\Firewall::handle" (notifyUntil)
2011-02-02T10:05:06+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\ChannelListener::handle" (notifyUntil)
2011-02-02T10:05:06+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\ContextListener::read" (notifyUntil)
2011-02-02T10:05:06+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\LogoutListener::handle" (notifyUntil)
2011-02-02T10:05:06+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\UsernamePasswordFormAuthenticationListener::handle" (notifyUntil)
2011-02-02T10:05:06+01:00 INFO: SELECT t0.username AS username1,
t0.username_canonical AS username_canonical2, t0.email AS email3,
t0.email_canonical AS email_canonical4, t0.enabled AS enabled5,
t0.algorithm AS algorithm6, t0.salt AS salt7, t0.password AS
password8, t0.created_at AS created_at9, t0.updated_at AS
updated_at10, t0.last_login AS last_login11, t0.locked AS locked12,
t0.expired AS expired13, t0.expires_at AS expires_at14,
t0.confirmation_token AS confirmation_token15,
t0.password_requested_at AS password_requested_at16, t0.roles AS
roles17, t0.credentials_expired AS credentials_expired18,
t0.credentials_expire_at AS credentials_expire_at19, t0.id AS id20,
t0.contact_id AS contact_id21 FROM User t0 WHERE t0.username_canonical
= ? (["moehler"])
2011-02-02T10:05:07+01:00 INFO: SELECT t0.name AS name1, t0.roles AS
roles2, t0.id AS id3 FROM fos_user_group t0 INNER JOIN
fos_user_user_group ON t0.id = fos_user_user_group.group_id WHERE
fos_user_user_group.user_id = ? ([4])
2011-02-02T10:05:07+01:00 DEBUG: User has been authenticated
successfully
2011-02-02T10:05:07+01:00 DEBUG: Listener "Symfony\Component\Security
\Http\Firewall\UsernamePasswordFormAuthenticationListener::handle"
processed the event "core.security"
2011-02-02T10:05:07+01:00 DEBUG: Listener "Symfony\Component\Security
\Http\Firewall\AccessListener::handle" was not called for event
"core.security"
2011-02-02T10:05:07+01:00 DEBUG: Listener "Symfony\Component\Security
\Http\Firewall::handle" processed the event "core.request"
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.response" to
listener "Symfony\Component\HttpKernel
\ResponseListener::filter" (filter)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.response" to
listener "Symfony\Bundle\FrameworkBundle\HttpFoundation
\SessionListener::filter" (filter)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.response" to
listener "Symfony\Component\Security\Http\Firewall
\ContextListener::write" (filter)
2011-02-02T10:05:07+01:00 DEBUG: Write SecurityContext in the session
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Bundle\FrameworkBundle
\RequestListener::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 INFO: Matched route
"extranet_dashboard" (parameters: {"_controller":"Application\
\ExtranetBundle\\Controller\
\DashboardController::indexAction","_route":"extranet_dashboard"})
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Bundle\FrameworkBundle\HttpFoundation
\SessionListener::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Component\Security\Http
\Firewall::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\ChannelListener::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\ContextListener::read" (notifyUntil)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\LogoutListener::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\UsernamePasswordFormAuthenticationListener::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.security" to
listener "Symfony\Component\Security\Http\Firewall
\AccessListener::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.exception" to
listener "Symfony\Component\Security\Http\Firewall
\ExceptionListener::handleException" (notifyUntil)
2011-02-02T10:05:07+01:00 INFO: Authentication exception occurred;
redirecting to authentication entry point (A Token was not found in
the SecurityContext.)
2011-02-02T10:05:07+01:00 DEBUG: Calling Authentication entry point
2011-02-02T10:05:07+01:00 DEBUG: Listener "Symfony\Component\Security
\Http\Firewall\ExceptionListener::handleException" processed the event
"core.exception"
2011-02-02T10:05:07+01:00 DEBUG: Listener "exception_listener::handle"
was not called for event "core.exception"
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.response" to
listener "Symfony\Component\HttpKernel
\ResponseListener::filter" (filter)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.response" to
listener "Symfony\Bundle\FrameworkBundle\HttpFoundation
\SessionListener::filter" (filter)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.response" to
listener "Symfony\Component\Security\Http\Firewall
\ContextListener::write" (filter)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Bundle\FrameworkBundle
\RequestListener::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 INFO: Matched route
"_security_login" (parameters:
{"_controller":"fos_user.controller.security:loginAction","_route":"_security_login"})
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Bundle\FrameworkBundle\HttpFoundation
\SessionListener::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.request" to
listener "Symfony\Component\Security\Http
\Firewall::handle" (notifyUntil)
2011-02-02T10:05:07+01:00 INFO: Using controller "Application
\ExtranetBundle\Controller\SecurityController::loginAction"
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.response" to
listener "Symfony\Component\HttpKernel
\ResponseListener::filter" (filter)
2011-02-02T10:05:07+01:00 DEBUG: Notified event "core.response" to
listener "Symfony\Bundle\FrameworkBundle\HttpFoundation
\SessionListener::filter" (filter)
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
