author | H. Westphal <westphal@secure-net-concepts.de> | 2011-11-10 10:34:33 +0100 |
---|---|---|
committer | H. Westphal <westphal@secure-net-concepts.de> | 2011-11-10 10:34:33 +0100 |
commit | ddc9cd6eab1f225a9e5156cf3efc79a73b4154ac (patch) | |
tree | baeaa0135913e21dff3e924118c8f7acb0253923 /Http | |
parent | 551766c060854b3b0bbd3428a9ae25712f4d2781 (diff) | |
Remove security token if user was deleted, is disabled or locked to prevent infinite redirect loops to the login path (fixes #1798).
Diffstat (limited to 'Http')
-rw-r--r-- | Http/Firewall/ExceptionListener.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
index a36baf3..e34b14b 100644
--- a/Http/Firewall/ExceptionListener.php
+++ b/Http/Firewall/ExceptionListener.php
@@ -17,6 +17,7 @@ use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Exception\AccountStatusException;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException;
 use Symfony\Component\Security\Http\HttpUtils;
@@ -158,6 +159,11 @@ class ExceptionListener
 $this->setTargetPath($request);
+ if ($authException instanceof AccountStatusException) {
+ // remove the security token to prevent infinite redirect loops
+ $this->context->setToken(null);
+ }
+
 return $this->authenticationEntryPoint->start($request, $authException);
 } |
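Review bot: The commit message lists a deleted user among the cases handled, but the new guard in the second hunk only matches `AccountStatusException`; if a deleted account surfaces from the user provider as a different `AuthenticationException` subtype (for example a user-not-found exception), the token stays in the context and the login redirect can still loop, so it is worth confirming which exception that path raises. The inline comment would also be more useful if it said why the loop happens, e.g. `// disabled/locked account: the stale token would fail again on every request, so drop it before redirecting to the entry point`. Clearing the token is a security-relevant state change, so a log entry at this point, if the listener has a logger, would help when auditing forced logouts. The enclosing method starts above the hunk, so how `$authException` is obtained is not visible here.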