Skip to content

Security Extension cookbook article #429

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 22, 2011
Merged

Security Extension cookbook article #429

merged 5 commits into from
Jun 22, 2011

Conversation

@bshaffer
Copy link
Contributor

It's a long one!

I used WSSE, but tried to focus on the extending of the security component, and not on the technology itself. I hope this is useful, although I understand it's a very specific use case. Even so, I think it provides a very good introduction to the different parts of the component (listeners, providers, factories, and tokens).

All suggestions are welcome. You can view the latest build here
stof
stof reviewed Jun 21, 2011
View reviewed changes
cookbook/security/custom_extension.rst Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you should use the :class: syntax to link to the API doc
@stof
Copy link
Member

stof commented Jun 21, 2011

Another issue is the naming custom extension. There is no concept of Security extension. What you are doing is implementing your own authentication listener.
@bshaffer
Copy link
Contributor Author

I set out to add a custom authentication provider, but after adding the listener, token, and factory, it seemed more than that. To be honest, I don't know what the best name is for it. I felt security extension was the best, since I am indeed extending the security component.
@stof
Copy link
Member

stof commented Jun 21, 2011

yeah, but creating your UserProvider is also considered as extending the Security component. There is not a single extension point so using extension for one of them seems wrong as it let think that it is the way to go to extend the security component
@michelsalib
Copy link

@bshaffer thanks for your work! I implemented my own Security Extension lately and it was very tricky without documentation.
Your documentation covered all the points I ran into and taught me a few extra tips!
+1
@bshaffer
Copy link
Contributor Author

Changes made @stof. @michelsalib - thanks for the feedback!
@weaverryan weaverryan merged commit b24fec5 into symfony:master Jun 22, 2011
@weaverryan
Copy link
Member

Love it - merged this guy in - really really well done. I've made some changes here: 9b4cbdd

We may need to add a little more explanation in the article here and there over time, but we can do that later.

Thanks a lot for this entry!
weaverryan
weaverryan reviewed Jun 22, 2011
View reviewed changes
cookbook/security/custom_extension.rst
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can add a little more detail about what this method should/could do?
@bshaffer
Copy link
Contributor Author

Really good changes here, Ryan, and great attention to detail. I'll be sure to use a finer comb next time.

Good ideas on the additional points. There is a lot in this article that could be expanded upon, success/failure handlers, session storage, and more. I'll definitely keep these on the back burner.

Thanks again!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

6 participants

@bshaffer @stof @michelsalib @weaverryan @mattjanssen @xabbuh