[symfony-users] Re: Security - UserProvider with Web Service - Get the password
I got the same problem. I have to curl an service passing username and password. It will return me a cookie corresponding to the user "session". Any thoughts on how to do that? -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: [Symfony 2] "The "templating" extension is not enabled" after updating
Found out it was been caused by twig cache. Removed it and all working fine again. If you're updating by copying files make sure you delete your cache. -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] [Symfony 2] "The "templating" extension is not enabled" after updating
Hey guys, Just updated my Beta1 to Beta3. Now I Receive this message: The "templating" extension is not enabled in FooApplicationBundle:Bar:index.html.twig at line 65 on that line there is an {{ asset('bundles/foo/images/image.png') }}. I was having the same problem with an include call. In the header I was using an variable that was being set in the controller. So, thinking that might be the problem I did an: {% include "FooApplicationBundle:Default:header.html.twig" with {'menu': menu} %} And it solved the problem for the included template, although the template that is throwing the exception is called directly from the controller with $this->render(). I checked my config for the template engine and it is there. templating: { engines: ['twig'] } Any ideas on that problem? -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] [Symfony 2] Custom Authentication
Hello Guys, Well, looks like my efforts on testing the authentication with users taken from a database will not be used. The scenario has changed. I won't be using databases at all in my application and will by fully using an API. Well, the thing is, I have to authenticate the user doing an xhr to the api. After that a redirection occurs. So, I would like to ask you the best way to do so in Symfony, I'm thinking about how I could use some of the features from the User authentication and authorization but I'm aware that I should do a custom "way of checking" and "using" the authenticated user. I'm currently using the firewall to check if user can access some page. I would really like to continue using that. Well, what do you think? -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Re: [Symfony 2] Login using built-in security bundle
Hey, Thanks! Totally forgot about that requirement (it was not in the version I had, like Daniel mentioned) I really got confused with the other version I messed with. Thanks again! -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: [Symfony 2] Login using built-in security bundle
Hey Guys, Sorry to bring the post back to life but the problem returned! So, I did some other things in the project and wanted to do the login with an entity. Although I found out I was using an older version so I was having some problems following the docs (and I couldn't do the login steps too, if someone have a step-by-step on how to do a simple login with a simple user entity, email/md5(pass) using the built-in security, authorization and User I would appreciate) I downloaded Beta 1 again and started to do all I did in the other messed up version (Not much was done so no problem there) but the security stopped working at all! This is how security.yml is: security: encoders: Symfony\Component\Security\Core\User\User: plaintext role_hierarchy: ROLE_USER: ROLE_USER providers: in_memory: users: user: { password: userpass, roles: [ 'ROLE_USER' ] } firewalls: profiler: pattern: ^/_profiler security: false wdt: pattern: ^/_wdt security: false public: pattern: ^/(register)? security: false main: pattern: ^/[a-zA-Z]+ form_login: check_path: /login_check login_path: / default_target_path: /monitor logout: path: /logout target: / and my routes is pretty much the same as before: (home is where the login form is now) home: pattern: / defaults: { _controller: MyApplicationBundle:Home:index } cadastro: pattern: /register defaults: { _controller: MyApplicationBundle:Register:index } monitor: pattern: /monitor defaults: { _controller: MyApplicationBundle:Monitor:index } _security_check: pattern: /login_check logout: pattern: /logout Well, in the messed up version It was working fine, when I tried /monitor it redirected to / with the login form. When I logged in (in_memory) it redirected to /monitor as expected. But in this version I can go to /monitor with no authentication (as well as the other routes I have configured). Any ideas on this? Thanks in advance! -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: [Symfony2] Highlighting menu based on controller called
I ended up putting a variable in the view indicating the menu that should be highlighted. So now my tests are if (menu == 'foo') Still, I think it is not good, will look for a better way in the future (like knowing in the view the controller that was called?) -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] [Symfony2] Highlighting menu based on controller called
Hey guys, I've been searching for a way of getting the controller that was called so I can highlight the menu. I looked in the HTTP Foundation class and it seems that there is no way of doing it. Even searching here I couldn't find anyone that had the same problem. Well, now i'm doing it the following way (note that I need it to show some element in the html and a class in an element) {% if (app.request.getPathInfo == '/foo') %} {% endif %} Foo {% if (app.request.getPathInfo == '/foo') %} {% endif %} {% if (app.request.getPathInfo == '/bar') %} {% endif %} Bar {% if (app.request.getPathInfo == '/bar') %} {% endif %} For now it is working since I don't have /foo/abc for example, all the urls are /foo and /bar so the test will work. Also I think that is not a nice way of testing (actually using the url and not the controller name) So is there anyway of getting the controller name on the template? -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: Login using built-in security bundle
Hi Daniel, It worked! I think I really had a problem with the pattern and the naming. I ended up with this: security.yml (copied from yours) login: pattern: ^/login$ security: false system: pattern: ^/[a-zA-Z]+ form_login: check_path: /login-check login_path: /login default_target_path: /monitor logout: path: /logout target: / public: pattern: ^/ security: false routing.yml login: pattern: /login defaults: { _controller: MyApplicationBundle:Login:login } _security_check: pattern: /login-check logout: pattern: /logout and the controller MyApplicationBundle:Login:login public function loginAction() { if ($this->get('request')->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) { $error = $this->get('request')->attributes->get(SecurityContext::AUTHENTICATION_ERROR); } else { $error = $this->get('request')->getSession()->get(SecurityContext::AUTHENTICATION_ERROR); } return $this->render('EcompeteApplicationBundle:Login:index.html.twig', array( 'last_username' => $this->get('request')->getSession()->get(SecurityContext::LAST_USERNAME), 'error' => $error, )); } It's working just fine. My next step is to use the actual entity to use. Thanks a lot, Filipe La Ruina -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] [Symfony 2] Login using built-in security bundle
Hey Guys, I'm doing a project using Symfony 2 and the project involves '/' as being an login/register page and all the other pages require a logged user (it will be an entity) I'm reading the book but still I think the security part is not really clear for me. I see by the demo that I can have an almost automatic login system but when I try to do something that look like the one from the demo I can't get it. My security.yml contains: system: pattern: /[a-zA-Z]+ form_login: true logout: true public: pattern: / security: false Them I created routes for my login and login_check (as the book says): _security_login: pattern: /login defaults: { _controller: MyApplicationBundle:Login:login } _security_check: pattern: /login_check I built the Controller with the loginAction with the code from the book: public function loginAction() { if ($this->get('request')->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) { $error = $this->get('request')->attributes->get(SecurityContext::AUTHENTICATION_ERROR); } else { $error = $this->get('request')->getSession()->get(SecurityContext::AUTHENTICATION_ERROR); } return $this->render('MyApplicationBundle:Login:index.html.twig', array( 'last_username' => $this->get('request')->getSession()->get(SecurityContext::LAST_USERNAME), 'error' => $error, )); } although it prints out the form just fine the security_check (that I think has some field validation) does not happen, it says that the controller is not found (I think it makes sense) and even if I put the controller there it says I have to implement the check method. I think all of that makes perfect sense, although in the demo it uses the built-in security somehow and I couldn't figure it out. So my question, after all this text is, how can I build that, preferably using the validation features symfony provides? -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en