-rw-r--r-- | Http/Firewall/ExceptionListener.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
index a36baf3..e34b14b 100644
--- a/Http/Firewall/ExceptionListener.php
+++ b/Http/Firewall/ExceptionListener.php
@@ -17,6 +17,7 @@ use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Exception\AccountStatusException;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException;
 use Symfony\Component\Security\Http\HttpUtils;
@@ -158,6 +159,11 @@ class ExceptionListener
 $this->setTargetPath($request);
+ if ($authException instanceof AccountStatusException) {
+ // remove the security token to prevent infinite redirect loops
+ $this->context->setToken(null);
+ }
+
 return $this->authenticationEntryPoint->start($request, $authException);
 }
|
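Review bot: The `AccountStatusException` branch in the second hunk de-authenticates an account that failed a status check, but it does so silently and the comment explains it only as a redirect-loop fix. I would state the cause in the comment, e.g. `// the stored token belongs to an account that no longer passes its status checks; keeping it would raise this exception again on every request`, and add a log line next to `setToken(null)` if the class has a logger (not visible in this hunk). Only the context token is cleared here; whether the session copy of the token is dropped as well depends on code outside the hunk and is worth confirming. The diffstat shows this is the only file changed, so a test asserting that `getToken()` returns null after this path would pin the behaviour. The enclosing method starts above the hunk.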