Clever Geek Handbook

Using / configuring the Symfony security component

I am trying to set up security using the Symfony security component in custom PHP applications. I have everything wired right down to the HTTP core and all authentication and authorization products using an in-memory data provider.

However, when I access the secure url, I get the following error: "Token not found in SecurityContext". My understanding is that if theirs are not Symfony Token then need to be redirected to a customized login screen.

Another funny thing: when I set up an access card with any entry that requires HTTP, it changes protocols and redirects to / login.

Not sure. If anyone has a working example, the Sailx and Symfony Security bundle seem to be pretty tricky to distill.

Current configurations using dependency injection

        ##Authentication 
    $this->container->setParameter( "anonymous_key", uniqid() );
    $this->container->register( "password.encoder.pbkd", "Symfony\Component\Security\Core\Encoder\Pbkdf2PasswordEncoder");
    $this->container->register( "provider.inmemory", "Symfony\Component\Security\Core\User\InMemoryUserProvider" );
    $this->container->register( "user.checker", "Symfony\Component\Security\Core\User\UserChecker" );

    $this->container->register( "encoder.factory", "Symfony\Component\Security\Core\Encoder\EncoderFactory")
        ->addArgument( ["Symfony\Component\Security\Core\User\User"=>new Reference("password.encoder.pbkd")] );

    $this->container->register( "authentication.provider.daoauth","Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider")
        ->addArgument(new Reference( "provider.inmemory" ))
        ->addArgument(new Reference( "user.checker" ))
        ->addArgument( "secured" )
        ->addArgument(new Reference( "encoder.factory" ));

    $this->container->register( "authentication.provider.anonymousauth","Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider")
        ->addArgument("%anonymous_key%");

    $this->container->register( "authentication.provider.manager","Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager")
        ->addArgument( [ new Reference("authentication.provider.daoauth"), new Reference("authentication.provider.anonymousauth")] );

    ##Authorization
    $this->container->register( "voter.authenticated", "Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter")
        ->addArgument( new Reference("authentication.trust.resolver") );

    $this->container->register( "rolehierarchy", "Symfony\Component\Security\Core\Role\RoleHierarchy")
        ->addArgument( ["ROLE_SUPER_ADMIN"=>["ROLE_ADMIN","ROLE_USER"]]);
    $this->container->register( "voter.rolehierarchy", "Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter")
        ->addArgument( new Reference( "rolehierarchy" ));

    $this->container->register( "authorization.access_decision.manager","Symfony\Component\Security\Core\Authorization\AccessDecisionManager")
        ->addArgument(  [ new Reference("voter.rolehierarchy"), new Reference( "voter.authenticated" ) ] );

    ##Context
    $this->container->register( "security.context", "Symfony\Component\Security\Core\SecurityContext")
        ->addArgument( new Reference("authentication.provider.manager") )
        ->addArgument( new Reference("authorization.access_decision.manager") );


    #Firewall, Access and Controls  

    ###RequestMatcher
    $this->container->register("backend.requestmatcher", "Symfony\Component\HttpFoundation\RequestMatcher")
        ->addArgument("%backend_prefix%");

    ###AccessMap
    $this->container->register( "security.accessmap", "Symfony\Component\Security\Http\AccessMap")
        ->addMethodCall("add", [new Reference("backend.requestmatcher"), ["ROLE_ADMIN"] ] );

    ###HTTPUtils
    $this->container->register( "http.utils", "Symfony\Component\Security\Http\HttpUtils")
        ->addArgument( new Reference( "symfony.url.generator" ) )
        ->addArgument( new Reference( "symfony.url.matcher" ) );

    ###Session Strategy
    $this->container->register( "session.strategy.authentication", "Symfony\Component\Security\Http\Session\SessionAuthenticationStrategy")
        ->addArgument( SessionAuthenticationStrategy::MIGRATE );

    ###Resolvers
    $this->container->register( "authentication.trust.resolver", "Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver")
        ->addArgument("Symfony\Component\Security\Core\Authentication\Token\AnonymousToken")
        ->addArgument("Symfony\Component\Security\Core\Authentication\Token\RememberMeToken");      

    ###EntryPoint
    $this->container->register( "entrypoint.formauth", "Symfony\Component\Security\Http\EntryPoint\FormAuthenticationEntryPoint")
        ->addArgument( new Reference("http.kernel") )
        ->addArgument( new Reference("http.utils") )
        ->addArgument( "/login" );

    ###Listener
    #### 
    $this->container->register("security.exception.listener", "Symfony\Component\Security\Http\Firewall\ExceptionListener")
        ->addArgument(new Reference( "security.context" ) )
        ->addArgument(new Reference( "authentication.trust.resolver" ))
        ->addArgument( new Reference( "http.utils") )
        ->addArgument( "testing" )
        ->addArgument( null )
        ->addArgument( null )
        ->addArgument( null )
        ->addArgument( new Reference("monologger.security") );      

    $this->container->register("security.channel.listener", "Symfony\Component\Security\Http\Firewall\ChannelListener")
        ->addArgument( new Reference( "security.accessmap" ))
        ->addArgument( new Reference( "entrypoint.formauth" ))
        ->addArgument( new Reference( "monologger.security" ));

    $this->container->register("security.anonymous.listener", "Symfony\Component\Security\Http\Firewall\AnonymousAuthenticationListener")
        ->addArgument(new Reference( "security.context" ) )
        ->addArgument( "" )
        ->addArgument( new Reference( "monologger.security" ));

    $this->container->register("security.logout.listener", "Symfony\Component\Security\Http\Firewall\LogoutListener")
        ->addArgument(new Reference( "security.context" ) )
        ->addArgument(new Reference( "http.utils" ) )
        ->addArgument(new Reference( "default.success.logout.handler" ) );

    $this->container->register("security.context.listener", "Symfony\Component\Security\Http\Firewall\ContextListener")
        ->addArgument(new Reference( "security.context" ) )
        ->addArgument( [ new Reference("provider.inmemory") ] )
        ->addArgument( "secured" )
        ->addArgument( new Reference( "monologger.security" ))
        ->addArgument( new Reference("symfony.event.dispatcher") );

    $this->container->register("security.username_password_form.listener", "Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener")
        ->addArgument(new Reference( "security.context" ) )
        ->addArgument(new Reference( "authentication.provider.manager" ) )
        ->addArgument(new Reference( "session.strategy.authentication" ) )
        ->addArgument(new Reference( "http.utils" ) )
        ->addArgument("secured")
        ->addArgument(new Reference( "default.success.authentication.handler" ))
        ->addArgument(new Reference( "default.failure.authentication.handler" ))
        ->addArgument([])
        ->addArgument(new Reference( "monologger.security" ))
        ->addArgument(new Reference( "symfony.event.dispatcher" ));

    $this->container->register("security.access.listener", "Symfony\Component\Security\Http\Firewall\AccessListener")
        ->addArgument(new Reference( "security.context" ) )
        ->addArgument(new Reference( "authorization.access_decision.manager" ) )
        ->addArgument(new Reference( "security.accessmap" ) )
        ->addArgument(new Reference( "authentication.provider.manager" ) );

    $listeners = [
        new Reference("security.channel.listener"),
        new Reference("security.logout.listener"),
        new Reference("security.context.listener"),
        new Reference( "security.username_password_form.listener" ),
        new Reference( "security.access.listener" ),
        new Reference("security.anonymous.listener")
    ];
    ##

    ###Handlers
    $this->container->register( "default.success.logout.handler","Symfony\Component\Security\Http\Logout\DefaultLogoutSuccessHandler")
        ->addArgument( new Reference("http.utils"))
        ->addArgument("/login");

    $this->container->register( "default.failure.authentication.handler","Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler" )
        ->addArgument( new Reference( "http.kernel" ))
        ->addArgument( new Reference( "http.utils" ))
        ->addArgument( [] )
        ->addArgument( new Reference( "monologger.security" ) );

    $this->container->register( "default.success.authentication.handler","Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler")
        ->addArgument( new Reference( "http.utils" ))
        ->addArgument( [] );        

    $this->container->register( "security.firewall.map","Symfony\Component\Security\Http\FirewallMap")
        ->addMethodCall("add", [new Reference("backend.requestmatcher"), $listeners, new Reference("security.exception.listener") ] );

    $this->container->register( "security.firewall","Symfony\Component\Security\Http\Firewall")
        ->addArgument( new Reference("security.firewall.map") )
        ->addArgument( new Reference("symfony.event.dispatcher") );
+3


source to share


No one has answered this question yet

Check out similar questions:



More articles:


All Articles