[Security] Fix parent serialization of user objectorigin/2.2

author: David de Boer <david@ddeboer.nl> 2013-12-17 21:46:42 +0100
committer: Fabien Potencier <fabien.potencier@gmail.com> 2013-12-23 16:45:07 +0100
commit: b1ad1eb1928ce46962d9c81ffcfa1b11f6dfc476 (patch)
tree: fe81509cec8a7e338b9c13d38c4719fd7b99e351 /Core/Authentication/Token/AbstractToken.php
parent: 5a8f9cd093782a8827fdccd2f2ed1ff790cb35a3 (diff)
download: symfony-security-origin/2.2.zip
symfony-security-origin/2.2.tar.gz
symfony-security-origin/2.2.tar.bz2
1 files changed, 8 insertions, 1 deletions
diff --git a/Core/Authentication/Token/AbstractToken.php b/Core/Authentication/Token/AbstractToken.php
index f21aa76..c24e38e 100644
--- a/Core/Authentication/Token/AbstractToken.php
+++ b/Core/Authentication/Token/AbstractToken.php
@@ -146,7 +146,14 @@ abstract class AbstractToken implements TokenInterface
      */
     public function serialize()
     {
-        return serialize(array($this->user, $this->authenticated, $this->roles, $this->attributes));
+        return serialize(
+            array(
+                is_object($this->user) ? clone $this->user : $this->user,
+                $this->authenticated,
+                $this->roles,
+                $this->attributes
+            )
+        );
     }
 
     /**
author	David de Boer <david@ddeboer.nl>	2013-12-17 21:46:42 +0100
committer	Fabien Potencier <fabien.potencier@gmail.com>	2013-12-23 16:45:07 +0100
commit	b1ad1eb1928ce46962d9c81ffcfa1b11f6dfc476 (patch)
tree	fe81509cec8a7e338b9c13d38c4719fd7b99e351 /Core/Authentication/Token/AbstractToken.php
parent	5a8f9cd093782a8827fdccd2f2ed1ff790cb35a3 (diff)
download	symfony-security-origin/2.2.zip symfony-security-origin/2.2.tar.gz symfony-security-origin/2.2.tar.bz2