Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] 4373 - document security events #5303

Merged
merged 7 commits into from
Jan 10, 2016
Merged

[WIP] 4373 - document security events #5303

merged 7 commits into from
Jan 10, 2016

Conversation

kevintweber
Copy link

This is documentation for #4373. This pull request has two parts:

  • The component/security/authentication additions
  • The new cookbook security cookbook page.

The new cookbook page is designed to give an example of how to use authentication events in an application. I have given example code for two of the four classes needed to throttle failed login attempts. The other two classes are a doctrine entity, and a class containing throttle domain logic, both of which are outside the scope of this documentation.

I would welcome any comments and suggestions. Thank you.

@kevintweber
Copy link
Author

Fudge. I just realized that I used the RequestStack in the cookbook page, which was introduced in 2.4 not 2.3. Alas...

weaverryan
weaverryan reviewed Oct 13, 2015
View reviewed changes
components/security/authentication.rst

When a provider authenticates the user, a ``security.authentication.success``
event is dispatched. Likewise, when no providers authenticate the user,
a ``security.authentication.failure`` event is dispatched. You
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sentence kind of makes it sound like this event will happen when no providers authentication versus "1 authenticator fails authentication". How about:

Likewise, when a provider attempts authentication but fails (i.e. throws an
``AuthenticationException``), a ``security.authentication.failure`` event is dispatched.

@weaverryan
Copy link
Member

@kevintweber don't worry about the request_stack thing. Actually, if you could do everything with the request service that would be ideal. Then I can easily merge into 2.3, then merge up to 2.6 and change to request_stack there.

@weaverryan
Copy link
Member

Ping @kevintweber! Will you have some time to finish this?

Thanks!

@kevintweber
Copy link
Author

@weaverryan Yeah, I'll do it now. I'm going to remove the cookbook entry because it's rather contrived, and no application should implement such functionality. It's just a bad example.

@kevintweber
Copy link
Author

The text is ready to go. I cannot see the merge conflicts, so you may need to massage it a bit. (And sorry about the huge delay.) If you want me to squash the commits, just say so.

@weaverryan
Copy link
Member

You did a VERY nice job explaining this - a really nice addition. Thanks so much Kevin!

@weaverryan weaverryan merged commit 0dbabfe into symfony:2.3 Jan 10, 2016
weaverryan added a commit that referenced this pull request Jan 10, 2016
@weaverryan
feature #5303 [WIP] 4373 - document security events (kevintweber)
b22637c 
This PR was merged into the 2.3 branch.

Discussion
----------

[WIP] 4373 - document security events

This is documentation for #4373.  This pull request has two parts:
* The component/security/authentication additions
* The new cookbook security cookbook page.

The new cookbook page is designed to give an example of how to use authentication events in an application.  I have given example code for two of the four classes needed to throttle failed login attempts.  The other two classes are a doctrine entity, and a class containing throttle domain logic, both of which are outside the scope of this documentation.

I would welcome any comments and suggestions.  Thank you.

Commits
-------

0dbabfe Security - Cookbook - removed bad example.
69c0089 Merge branch '4373_Document_Security_Events' of github.com:kevintweber/symfony-docs into 4373_Document_Security_Events
a14bd07 Security - Authentication - removed inaccurate tip.
f15bea4 Added new cookbook page to security index.
5bdfd71 Better formatting for authentication tip.
9b2e9d8 Better section titles for security events on authentication page.
286f00c Added security event descriptions to security component authentication page.
xabbuh added a commit to xabbuh/symfony-docs that referenced this pull request Jan 11, 2016
@xabbuh
[symfony#5303] escape namespace backslashes in class role
d9f931a
xabbuh added a commit that referenced this pull request Jan 11, 2016
@xabbuh
minor #6127 escape namespace backslashes in class role (xabbuh)
c57f756 
This PR was merged into the 2.3 branch.

Discussion
----------

escape namespace backslashes in class role

Commits
-------

d9f931a [#5303] escape namespace backslashes in class role
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Status: Needs Work
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kevintweber @weaverryan @EAnushan @xabbuh