Hi, I see that the password is not hydrated when retreiving user through security context.
But when a provider fetches the user from a database, not having the password forces the developper to execute an extra request just to be able to save the user without a null password. I know that's a security matter, but i feel like i'm doing the exact same query the provider does a second time when it could be avoided. What's the best practice for this ? Thanks. * -- Benjamin Dulau - anonymation CEO anonymation.com | code.anonymation.com ben...@anonymation.com * -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
