Skip to content

Added note about anonymous users and access denied handlers #13615

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Added note about anonymous users and access denied handlers #13615

wants to merge 1 commit into from

Conversation

Nyholm
Copy link
Member

@Nyholm Nyholm commented May 3, 2020

This will help to be more clear about the confusion in symfony/symfony#28229
@Nyholm Nyholm mentioned this pull request May 3, 2020
Closed
wouterj
wouterj requested changes May 3, 2020
View reviewed changes
security/access_denied_handler.rst
.. note::

The ``AccessDeniedHandler`` will not be invoked if an anonymous user is trying to
access a protected resource. That will be an ``InsufficientAuthenticationException``.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think the second sentence is very relevant (that's an implementation detail, required to run entry points). What about something like "In that case, the authentication entry point will be called" (I realize that we do not explain "entry point" anywhere in the docs 😞, but that'll need to change for #13605 anyways).
@wouterj
Copy link
Member

wouterj commented Aug 9, 2020

Hi Tobias! thanks for starting this PR (and notifying me about this some months ago). I've continued this by expanding and rewritting this article in #14045 I'm closing this one in favor of that one.
@wouterj wouterj closed this Aug 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Security Status: Needs Work

3 participants

@Nyholm @wouterj @carsonbot