On 08.12.2010, at 08:54, Lukas Kahwe Smith wrote: > > On 08.12.2010, at 08:44, Fabien Potencier wrote: > >> On 12/7/10 8:35 PM, Lukas Kahwe Smith wrote: >>> Hi, >>> >>> Just a reminder that we need topic proposals. >>> Right now I think the state of development of the Security Firewall is a >>> hot topic from my POV. >> >> Probably but we need specific things that need to be discussed. > > > 1) hashing > right now the user object is responsible for hashing passwords on creation, > while the firewall is responsible for hashing on login. this needs to be > brought to a single point. ideally there should also be a way of being able > to use different algorithms in one provider
https://github.com/fabpot/symfony/pull/250 > 2) remember me cookie > this is a glaring whole in the current feature set. johannes did pull/183 a > while back, but he suspects this is now outdated mixed up the numners: https://github.com/fabpot/symfony/pull/138 > 3) request object > did anyone else manage to inject the request service in a user repository > interface? it seems to be like there is something wrong in the order how the > request service is injected into the container and when the security firewall > is triggered regards, Lukas Kahwe Smith m...@pooteeweet.org -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to symfony-devs@googlegroups.com To unsubscribe from this group, send email to symfony-devs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
