I wanted to propose a rather quick topic: revisiting the discussion over the default interfaces in the Security component, particularly regarding the assumption that users have username/password fields. I was speaking to Johannes and digitarald (not sure what his real name is) over this sometime after last week's IRC meeting. Transcript:
https://gist.github.com/710445

The summary was that the existing interfaces in the Security component seem to assume a specific authentication mechanism, and are not well-suited for integration with SSO and shared auth methods (CAS, Facebook, OAuth, etc.).

This is relevant to the mailing list discussion some weeks ago, which a number of folks participated in:

Symfony2: some random thoughts about the new security layer
http://groups.google.com/group/symfony-devs/browse_thread/thread/cfba48ca5c4f756b/6fad459c4d6ec172

Before discussing this Thursday, I hope to gain a deeper understanding of how the Security component utilizes UsernamePasswordToken and PreAuthenticatedToken, as the latter seems like it would be appropriate for SSO.

From what I understand presently, the basic AccountInterface, which everything seems to depend upon, mandates the username/password requirement. Perhaps the most basic account should only require a getId() method, and an interface atop that can introduce the username/password requirement. UsernamePasswordToken would then depend on that higher interface, while something like PreAuthenticatedToken can work with the most basic account interface.

I'm not looking for an immediate "how to do SSO with security component" solution. Rather, I'd just like to consider how we can make that possible without requiring developers to implement unnecessary code.

Thanks,

-- jeremy mikola
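
The layering proposed in the message above, as an added sketch that is not part of the original post and is not Symfony's code. Every interface and class here is a hypothetical stand-in in a `Sketch` namespace (the two token names are borrowed from the message only to show which interface each would depend on), and the account values are constructed.

```php
<?php
// Added sketch: hypothetical names, not the Security component's actual API.
namespace Sketch;

// Most basic account: only an identifier is required.
interface BasicAccountInterface
{
    public function getId();
}

// Higher interface that introduces the username/password requirement.
interface PasswordAccountInterface extends BasicAccountInterface
{
    public function getUsername();
    public function getPassword();
}

// Identity asserted by an external provider (CAS, OAuth, ...): no password to store.
class SsoAccount implements BasicAccountInterface
{
    private $id;
    public function __construct($id) { $this->id = $id; }
    public function getId() { return $this->id; }
}

class LocalAccount implements PasswordAccountInterface
{
    private $username;
    private $hash;
    public function __construct($username, $hash) { $this->username = $username; $this->hash = $hash; }
    public function getId() { return $this->username; }
    public function getUsername() { return $this->username; }
    public function getPassword() { return $this->hash; }
}

// Password-based token: the type hint rejects accounts that carry no credentials.
class UsernamePasswordToken
{
    private $account;
    public function __construct(PasswordAccountInterface $account) { $this->account = $account; }
    public function getAccount() { return $this->account; }
}

// Pre-authenticated token: works with the most basic account interface.
class PreAuthenticatedToken
{
    private $account;
    public function __construct(BasicAccountInterface $account) { $this->account = $account; }
    public function getAccount() { return $this->account; }
}

$sso = new PreAuthenticatedToken(new SsoAccount('cas:constructed-id-42'));
$local = new UsernamePasswordToken(new LocalAccount('alice', password_hash('constructed', PASSWORD_DEFAULT)));
echo $sso->getAccount()->getId(), "\n", $local->getAccount()->getUsername(), "\n";
```

Passing an `SsoAccount` to `UsernamePasswordToken` fails the type hint, so the SSO integration never has to implement placeholder `getUsername()`/`getPassword()` methods.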
