author | Fabien Potencier <fabien.potencier@gmail.com> | 2011-11-10 10:55:51 +0100 |
---|---|---|
committer | Fabien Potencier <fabien.potencier@gmail.com> | 2011-11-10 10:55:51 +0100 |
commit | 00ce6d50e0756097d92beb627c43b0f15fc38a4b (patch) | |
tree | 0782c11f5f0649be90157c86dca33ca862136137 /Http | |
parent | 0a472f1c59677e77140d937eebb7523cdbe0a90e (diff) | |
parent | ddc9cd6eab1f225a9e5156cf3efc79a73b4154ac (diff) | |
download | symfony-security-00ce6d50e0756097d92beb627c43b0f15fc38a4b.zip symfony-security-00ce6d50e0756097d92beb627c43b0f15fc38a4b.tar.gz symfony-security-00ce6d50e0756097d92beb627c43b0f15fc38a4b.tar.bz2 |
merged branch snc/issue-1798-sf21 (PR #2598)
Commits
-------
4d80ebd Remove security token if user was deleted, is disabled or locked to prevent infinite redirect loops to the login path (fixes #1798).
Discussion
----------
[2.1] Fix for issue 1798
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #1798
This is a simplified PR of #2528 for the master branch.
Diffstat (limited to 'Http')
-rw-r--r-- | Http/Firewall/ExceptionListener.php | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php index 1535b9b..62f48cf 100644 --- a/Http/Firewall/ExceptionListener.php +++ b/Http/Firewall/ExceptionListener.php @@ -160,10 +160,9 @@ class ExceptionListener $this->setTargetPath($request); - if ($authException instanceof AccountStatusException && ($token = $this->context->getToken()) instanceof UsernamePasswordToken) { + if ($authException instanceof AccountStatusException) { // remove the security token to prevent infinite redirect loops $this->context->setToken(null); - $request->getSession()->remove('_security_' . $token->getProviderKey()); } return $this->authenticationEntryPoint->start($request, $authException); |
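Review bot: In the `AccountStatusException` branch, the only cleanup left is `$this->context->setToken(null)`, and nothing visible in this hunk shows that the token stored in the session under the `'_security_' . $token->getProviderKey()` key is discarded once the explicit `$request->getSession()->remove(...)` call is gone. If that session copy is reloaded on the next request, the redirect loop the inline comment refers to could come back. Please name, in the comment or the commit message, the code that clears the session entry when the context token is null. Since the `instanceof UsernamePasswordToken` guard is dropped and the branch now runs for every token type, a test with a different token type and a disabled or locked user would also be worth adding.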