[Security] removed the 401 error custom status message

author: Fabien Potencier <fabien.potencier@gmail.com> 2012-10-31 17:45:37 +0100
committer: Fabien Potencier <fabien.potencier@gmail.com> 2012-11-06 09:15:19 +0100
commit: 5512b0a91ae03413414d689184cb0f260807a291 (patch)
tree: 8c437c0bd421978609b10056ea9987932a3aca4a
parent: b20dc084818bf7f59dd4ff937896f4236821055c (diff)
download: symfony-security-5512b0a91ae03413414d689184cb0f260807a291.zip
symfony-security-5512b0a91ae03413414d689184cb0f260807a291.tar.gz
symfony-security-5512b0a91ae03413414d689184cb0f260807a291.tar.bz2
4 files changed, 2 insertions, 7 deletions
diff --git a/Http/EntryPoint/BasicAuthenticationEntryPoint.php b/Http/EntryPoint/BasicAuthenticationEntryPoint.php
index 6ba3872..44ece5e 100644
--- a/Http/EntryPoint/BasicAuthenticationEntryPoint.php
+++ b/Http/EntryPoint/BasicAuthenticationEntryPoint.php
@@ -34,7 +34,7 @@ class BasicAuthenticationEntryPoint implements AuthenticationEntryPointInterface
     {
         $response = new Response();
         $response->headers->set('WWW-Authenticate', sprintf('Basic realm="%s"', $this->realmName));
-        $response->setStatusCode(401, $authException ? $authException->getMessage() : null);
+        $response->setStatusCode(401);
 
         return $response;
     }
diff --git a/Http/EntryPoint/DigestAuthenticationEntryPoint.php b/Http/EntryPoint/DigestAuthenticationEntryPoint.php
index ec92419..37fba85 100644
--- a/Http/EntryPoint/DigestAuthenticationEntryPoint.php
+++ b/Http/EntryPoint/DigestAuthenticationEntryPoint.php
@@ -57,7 +57,7 @@ class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterfac
 
         $response = new Response();
         $response->headers->set('WWW-Authenticate', $authenticateHeader);
-        $response->setStatusCode(401, $authException ? $authException->getMessage() : null);
+        $response->setStatusCode(401);
 
         return $response;
     }
diff --git a/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php
index b442309..b9e289d 100644
--- a/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php
+++ b/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php
@@ -34,7 +34,6 @@ class BasicAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase
 
         $this->assertEquals('Basic realm="TheRealmName"', $response->headers->get('WWW-Authenticate'));
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('The exception message', 'statusText', $response);
     }
 
     public function testStartWithoutAuthException()
@@ -47,6 +46,5 @@ class BasicAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase
 
         $this->assertEquals('Basic realm="TheRealmName"', $response->headers->get('WWW-Authenticate'));
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('Unauthorized', 'statusText', $response);
     }
 }
diff --git a/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php
index ae0e3cc..8dfd618 100644
--- a/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php
+++ b/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php
@@ -34,7 +34,6 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase
         $response = $entryPoint->start($request, $authenticationException);
 
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('TheAuthenticationExceptionMessage', 'statusText', $response);
         $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}"$/', $response->headers->get('WWW-Authenticate'));
     }
 
@@ -46,7 +45,6 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase
         $response = $entryPoint->start($request);
 
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('Unauthorized', 'statusText', $response);
         $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}"$/', $response->headers->get('WWW-Authenticate'));
     }
 
@@ -60,7 +58,6 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase
         $response = $entryPoint->start($request, $nonceExpiredException);
 
         $this->assertEquals(401, $response->getStatusCode());
-        $this->assertAttributeEquals('TheNonceExpiredExceptionMessage', 'statusText', $response);
         $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}", stale="true"$/', $response->headers->get('WWW-Authenticate'));
     }
 }
author	Fabien Potencier <fabien.potencier@gmail.com>	2012-10-31 17:45:37 +0100
committer	Fabien Potencier <fabien.potencier@gmail.com>	2012-11-06 09:15:19 +0100
commit	5512b0a91ae03413414d689184cb0f260807a291 (patch)
tree	8c437c0bd421978609b10056ea9987932a3aca4a
parent	b20dc084818bf7f59dd4ff937896f4236821055c (diff)
download	symfony-security-5512b0a91ae03413414d689184cb0f260807a291.zip symfony-security-5512b0a91ae03413414d689184cb0f260807a291.tar.gz symfony-security-5512b0a91ae03413414d689184cb0f260807a291.tar.bz2