Geek Answers Handbook

Symfony22 Entity Provider Overrides User Auth Provider

My custom Symfony2 authentication mechanism now works .

Provider>

I almost used FOSUserBundle, but I don’t even have email addresses for my users, and I don’t need additional features or complexities.

So instead, I just use an entity provider .

I installed my encoder in plain text because the client API library handles this for me, but, alas, one more catch: it seems that Users are now authenticated against these user records .

Before I implemented the entity provider, my login form gave me valid answers: the correct credentials did not give any error, the bad credentials led to my user "incorrect user / password error".

Now, even if I supply the credentials that I know are correct, all I get is the Bad Credentials error message, as if I were implementing UserAuthenticationProvider , but as far as I know, I don't know. My custom provider directly implements the AuthenticationProviderInterface property .

So, at the moment, I assume that I have incorrectly implemented the entity data provider, so that it somehow overrides my custom authentication provider. What is the correct way to configure a custom object provider and a custom authentication provider at the same time?

Files

Relevant security.yml section

encoders: WordRot\PlayBundle\Entity\User: plaintext providers: wordnik_users: entity: { class: WordRotPlayBundle:User, property: username } firewalls: wordnik_secured: pattern: ^/play logout: ~ anonymous: ~ # The next line specifies the custom authentication provider: wordnik: true form_login: provider: wordnik_users login_path: /login check_path: /play_check # on success always_use_default_target_path: true default_target_path: /play

EDIT

This may be helpful . This is diff on the main branch ...

  • From when the custom auth provider ( WordnikProvider ) is still running (a473d354)
  • To the last commit on the main branch (ddcfeae2), where the auth provider is no longer running.

EDIT 2

With a lot of breakpoints, I found:

  • In the POST login form, WordnikProvider # supports , is called with the name UsernamePasswordToken, returning false .
  • A WordnikListener is created in the POST login form, but other methods ( attemptAuthentication , requiresAuthentication ) are never called. Yet WordnikFactory#createListener is never called either! It's amazing that the listener is built.
  • However, in the login_check GET, WordnikListener#requiresAuthentication called.
+7
source share
1 answer

So, we have been discussing this for a long time. The main problem was that the form_login services were interfering with the wodnik service. Deleted form_login and things got better.

http://chat.stackoverflow.com/rooms/25251/discussion-between-montgomery-jean-and-cerad

+1
source

More articles:


All Articles