diff options
| author | Gunnar Lium <gunnar@aptoma.com> | 2013-02-04 10:27:49 +0100 |
|---|---|---|
| committer | Gunnar Lium <gunnar@aptoma.com> | 2013-03-23 15:10:50 +0100 |
| commit | e39584c65a12697c1e85d811357b6687e06043a5 (patch) | |
| tree | f419bb9f1111e034ad5c8d5abfc4a644914c1c4f /Http/EntryPoint | |
| parent | aa6acbad8d17f7c8fd6ba4c8ff5ea1009ef5738a (diff) | |
| download | symfony-security-e39584c65a12697c1e85d811357b6687e06043a5.zip symfony-security-e39584c65a12697c1e85d811357b6687e06043a5.tar.gz symfony-security-e39584c65a12697c1e85d811357b6687e06043a5.tar.bz2 | |
[Security] Return 401 when using use_forward for form authentication
Diffstat (limited to 'Http/EntryPoint')
| -rw-r--r-- | Http/EntryPoint/FormAuthenticationEntryPoint.php | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/Http/EntryPoint/FormAuthenticationEntryPoint.php b/Http/EntryPoint/FormAuthenticationEntryPoint.php index 2170e9e..3eaae82 100644 --- a/Http/EntryPoint/FormAuthenticationEntryPoint.php +++ b/Http/EntryPoint/FormAuthenticationEntryPoint.php @@ -53,7 +53,12 @@ class FormAuthenticationEntryPoint implements AuthenticationEntryPointInterface if ($this->useForward) { $subRequest = $this->httpUtils->createRequest($request, $this->loginPath); - return $this->httpKernel->handle($subRequest, HttpKernelInterface::SUB_REQUEST); + $response = $this->httpKernel->handle($subRequest, HttpKernelInterface::SUB_REQUEST); + if (200 === $response->getStatusCode()) { + $response->headers->set('X-Status-Code', 401); + } + + return $response; } return $this->httpUtils->createRedirectResponse($request, $this->loginPath); |