Le 04/04/2011 22:44, Dennis Jacobfeuerborn a écrit :
On Monday, April 4, 2011 10:31:30 PM UTC+2, Christophe COEVOET wrote:
Le 04/04/2011 22:27, Dennis Jacobfeuerborn a écrit :
I just upgraded from PR8 to the current git state but this broke
the security stuff. Apparently the security component no longer
handles the _security_check route?
Unable to find the controller for path "/login_check". Maybe you
forgot to add the matching route in your routing configuration?
You need to define a controller as the listener intercept the
request *only* when the credentials are right. If they are wrong
the request is not intercepted and then goes to the controller
(this was still the case before).
I'm not sure I understand. How can the framework even determine if the
credentials are right if it doesn't intercept the /login_check call?
If the credentials are right, the listener returns a Response, so the
request stops here and the controller is never called. If they are
wrong, the listener does not return a response so the request continues
to the controller
This code works fine in PR8 but apparently no longer in the current
git version and I didn't see any other required changes mentioned in
the updates file for the security component apart from the regexp
changes for the patterns.
Regards,
Dennis
--
Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
