From 0f0376fdf0512219ef66bf7eff27a1dda4bf2b95 Mon Sep 17 00:00:00 2001 From: Maxime Douailin Date: Tue, 10 Jun 2014 11:09:29 +0200 Subject: [PATCH 1/8] #3921 - explicit 'your_user_provider' configuration parameter --- cookbook/security/pre_authenticated.rst | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cookbook/security/pre_authenticated.rst b/cookbook/security/pre_authenticated.rst index 1bc74d7511b..fe77000422c 100644 --- a/cookbook/security/pre_authenticated.rst +++ b/cookbook/security/pre_authenticated.rst @@ -70,7 +70,10 @@ in the x509 firewall configuration respectively. An authentication provider will only inform the user provider of the username that made the request. You will need to create (or use) a "user provider" that - turns that username into a User object of your choice: + is referenced by the ``provider`` configuration parameter (``your_user_provider`` + in the configuration example). This provider will turn the username into a User + object of your choice. For more information on creating or configuring a user + provider, see: * :doc:`/cookbook/security/custom_provider` * :doc:`/cookbook/security/entity_provider` \ No newline at end of file From e9a457ad044eb0cb9262c621bfbf31e835ad0757 Mon Sep 17 00:00:00 2001 From: Clemens Tolboom Date: Fri, 6 Jun 2014 10:18:57 +0200 Subject: [PATCH 2/8] Reorder page from simple to advanced As a followup on https://github.com/symfony/symfony/pull/10980 I want to propose to reorder the page as the obvious way should come first. I took me way to long to find the correct way :p I added two headers - The default ExceptionController - Override error templates in order to introduce how override works and moved the controller override to the bottom as that is more advanced. --- cookbook/controller/error_pages.rst | 34 +++++++++++++++++++---------- 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/cookbook/controller/error_pages.rst b/cookbook/controller/error_pages.rst index 3cdf7deaec1..09ea19e38a1 100644 --- a/cookbook/controller/error_pages.rst +++ b/cookbook/controller/error_pages.rst @@ -14,21 +14,12 @@ the status code that should be set for the given exception. Error pages can be customized in two different ways, depending on how much control you need: -1. Customize the error templates of the different error pages (explained below); +1. Customize the error templates of the different error pages; 2. Replace the default exception controller ``twig.controller.exception:showAction`` - with your own controller and handle it however you want (see - :ref:`exception_controller in the Twig reference `). - The default exception controller is registered as a service - the actual - class is ``Symfony\Bundle\TwigBundle\Controller\ExceptionController``. - -.. tip:: - - The customization of exception handling is actually much more powerful - than what's written here. An internal event, ``kernel.exception``, is thrown - which allows complete control over exception handling. For more - information, see :ref:`kernel-kernel.exception`. +The default ExceptionController +------------------------------- The default ``ExceptionController`` will either display an *exception* or *error* page, depending on the setting of the ``kernel.debug`` flag. While *exception* pages give you a lot of helpful @@ -46,6 +37,9 @@ shown to the end-user. pages for arbitrary HTTP status codes even with ``kernel.debug`` set to ``true``. +Override error templates +------------------------ + All of the error templates live inside the TwigBundle. To override the templates, simply rely on the standard method for overriding templates that live inside a bundle. For more information, see @@ -129,3 +123,19 @@ Symfony uses the following algorithm to determine which template to use: ``exception.json.twig`` for the JSON exception page. .. _`WebfactoryExceptionsBundle`: https://github.com/webfactory/exceptions-bundle + +Replace the default exception controller +---------------------------------------- + +Replace the default exception controller ``twig.controller.exception:showAction`` +with your own controller and handle it however you want (see +:ref:`exception_controller in the Twig reference `). +The default exception controller is registered as a service - the actual +class is ``Symfony\Bundle\TwigBundle\Controller\ExceptionController``. + +.. tip:: + + The customization of exception handling is actually much more powerful + than what's written here. An internal event, ``kernel.exception``, is thrown + which allows complete control over exception handling. For more + information, see :ref:`kernel-kernel.exception`. From e9481f7e3d0477ddc4d682929690111bbf4e471b Mon Sep 17 00:00:00 2001 From: Clemens Tolboom Date: Fri, 6 Jun 2014 11:40:59 +0200 Subject: [PATCH 3/8] Fixed feedback from @xabbuh --- cookbook/controller/error_pages.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cookbook/controller/error_pages.rst b/cookbook/controller/error_pages.rst index 09ea19e38a1..133b62f5698 100644 --- a/cookbook/controller/error_pages.rst +++ b/cookbook/controller/error_pages.rst @@ -16,10 +16,11 @@ control you need: 1. Customize the error templates of the different error pages; -2. Replace the default exception controller ``twig.controller.exception:showAction`` +2. Replace the default exception controller ``twig.controller.exception:showAction``. The default ExceptionController ------------------------------- + The default ``ExceptionController`` will either display an *exception* or *error* page, depending on the setting of the ``kernel.debug`` flag. While *exception* pages give you a lot of helpful @@ -37,7 +38,7 @@ shown to the end-user. pages for arbitrary HTTP status codes even with ``kernel.debug`` set to ``true``. -Override error templates +Override Error templates ------------------------ All of the error templates live inside the TwigBundle. To override the @@ -124,7 +125,7 @@ Symfony uses the following algorithm to determine which template to use: .. _`WebfactoryExceptionsBundle`: https://github.com/webfactory/exceptions-bundle -Replace the default exception controller +Replace the default Exception Controller ---------------------------------------- Replace the default exception controller ``twig.controller.exception:showAction`` From 889a2b07c1c9659e465fb9ebbfce99488489fd4f Mon Sep 17 00:00:00 2001 From: Clemens Tolboom Date: Fri, 6 Jun 2014 12:57:30 +0200 Subject: [PATCH 4/8] Fixed feedback from @xabbuh: Templates --- cookbook/controller/error_pages.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cookbook/controller/error_pages.rst b/cookbook/controller/error_pages.rst index 133b62f5698..4989868a16c 100644 --- a/cookbook/controller/error_pages.rst +++ b/cookbook/controller/error_pages.rst @@ -38,7 +38,7 @@ shown to the end-user. pages for arbitrary HTTP status codes even with ``kernel.debug`` set to ``true``. -Override Error templates +Override Error Templates ------------------------ All of the error templates live inside the TwigBundle. To override the From 207c1a87963e269c3c2123d963767c091d426065 Mon Sep 17 00:00:00 2001 From: Clemens Tolboom Date: Sun, 8 Jun 2014 10:53:54 +0200 Subject: [PATCH 5/8] Added feedback from @weaverryan with a little move around. --- cookbook/controller/error_pages.rst | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/cookbook/controller/error_pages.rst b/cookbook/controller/error_pages.rst index 4989868a16c..12f53014c1f 100644 --- a/cookbook/controller/error_pages.rst +++ b/cookbook/controller/error_pages.rst @@ -35,7 +35,7 @@ shown to the end-user. The third-party `WebfactoryExceptionsBundle`_ provides a special test controller that allows you to display your custom error - pages for arbitrary HTTP status codes even with + pages for arbitrary HTTP status codes even with ``kernel.debug`` set to ``true``. Override Error Templates @@ -128,12 +128,25 @@ Symfony uses the following algorithm to determine which template to use: Replace the default Exception Controller ---------------------------------------- -Replace the default exception controller ``twig.controller.exception:showAction`` -with your own controller and handle it however you want (see -:ref:`exception_controller in the Twig reference `). +If you need a little more flexibility beyond just overriding the template +(e.g. you need to pass some additional variables into your template), +then you can override the controller that renders the error page. + The default exception controller is registered as a service - the actual class is ``Symfony\Bundle\TwigBundle\Controller\ExceptionController``. +To do this, create a new controller class and make it extend Symfony's default +Symfony\Bundle\TwigBundle\Controller\ExceptionController class. + +There are several methods you can override to customize different parts of how +the error page is rendered. You could ie replace the default exception +controller ``twig.controller.exception:showAction`` with your own method +and handle it however you want. + +To make Symfony use your exception controller instead of the default, set the +:ref:`twig.exception_controller option +in app/config/config.yml. + .. tip:: The customization of exception handling is actually much more powerful From b87f42026b2534eb41643e1e281566903e1895ef Mon Sep 17 00:00:00 2001 From: Clemens Tolboom Date: Mon, 9 Jun 2014 15:09:54 +0200 Subject: [PATCH 6/8] Fixed @weaverryan: backticks and rephase method overrides. --- cookbook/controller/error_pages.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cookbook/controller/error_pages.rst b/cookbook/controller/error_pages.rst index 12f53014c1f..3766fa56b70 100644 --- a/cookbook/controller/error_pages.rst +++ b/cookbook/controller/error_pages.rst @@ -136,15 +136,15 @@ The default exception controller is registered as a service - the actual class is ``Symfony\Bundle\TwigBundle\Controller\ExceptionController``. To do this, create a new controller class and make it extend Symfony's default -Symfony\Bundle\TwigBundle\Controller\ExceptionController class. +``Symfony\Bundle\TwigBundle\Controller\ExceptionController`` class. There are several methods you can override to customize different parts of how -the error page is rendered. You could ie replace the default exception -controller ``twig.controller.exception:showAction`` with your own method -and handle it however you want. +the error page is rendered. You could, for example, override the entire +``showAction`` or just the ``findTemplate`` method, which locates which +template should be rendered. To make Symfony use your exception controller instead of the default, set the -:ref:`twig.exception_controller option +:ref:`twig.exception_controller ` option in app/config/config.yml. .. tip:: From 3ec651cb2bc519d82f78e9e7fa8f15e4259fe8ec Mon Sep 17 00:00:00 2001 From: Mitchel Date: Tue, 10 Jun 2014 15:24:04 +0200 Subject: [PATCH 7/8] Update custom_authentication_provider.rst Removed response because it will always be overwritten "By default deny authorization" response --- cookbook/security/custom_authentication_provider.rst | 6 ------ 1 file changed, 6 deletions(-) diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst index 42f098464ab..73f76f2857e 100644 --- a/cookbook/security/custom_authentication_provider.rst +++ b/cookbook/security/custom_authentication_provider.rst @@ -159,12 +159,6 @@ set an authenticated token in the security context if successful. // $this->securityContext->setToken(null); // } // return; - - // Deny authentication with a '403 Forbidden' HTTP response - $response = new Response(); - $response->setStatusCode(Response::HTTP_FORBIDDEN); - $event->setResponse($response); - } // By default deny authorization From 0c60236c48a8905fe71dd9e1d56d7fedb99ba1c1 Mon Sep 17 00:00:00 2001 From: Ryan Weaver Date: Wed, 11 Jun 2014 10:08:53 -0500 Subject: [PATCH 8/8] Backporting #3929 to 2.3 --- cookbook/security/custom_authentication_provider.rst | 6 ------ 1 file changed, 6 deletions(-) diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst index 81db71c862c..a9244dfe002 100644 --- a/cookbook/security/custom_authentication_provider.rst +++ b/cookbook/security/custom_authentication_provider.rst @@ -150,12 +150,6 @@ set an authenticated token in the security context if successful. // $this->securityContext->setToken(null); // } // return; - - // Deny authentication with a '403 Forbidden' HTTP response - $response = new Response(); - $response->setStatusCode(403); - $event->setResponse($response); - } // By default deny authorization