summaryrefslogtreecommitdiffstats
path: root/Core/Authentication
Commit message (Collapse)AuthorAgeFilesLines
...
| | * made {@inheritdoc} annotations consistent across the boardFabien Potencier2014-04-163-6/+6
| | |
| | * made phpdoc types consistent with those defined in HackFabien Potencier2014-04-154-4/+4
| | |
| | * made types consistent with those defined in HackFabien Potencier2014-04-132-3/+3
| | |
* | | Merge branch '2.4'Fabien Potencier2014-01-249-21/+81
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.4: (35 commits) Update validators.ro.xlf add non-standard port to HTTP_HOST fixed attribute "source-language" for translations [Process] clarify idle timeout [Security] fix DI for SimpleFormAuthenticationListener Update PluralizationRules.php Update validators.pt_BR.xlf Translated remaining items (57-72) Updated Vietnamese translation allow null value in fragment handler added missing dot in translation updated Arabic translations Update validators.id.xlf [Validator] Translate validator messages into Brazilian Portuguese Added more Swedish validator translations Update validators.ca.xlf fixed typos in Welsh translation Added missing Croatian translations [Form] fixed allow render 0 and 0.0 numeric input values Fixed validators.nl.xlf ... Conflicts: src/Symfony/Bridge/Twig/composer.json
| * | Merge branch '2.3' into 2.4Fabien Potencier2014-01-249-21/+81
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: (30 commits) Update validators.ro.xlf add non-standard port to HTTP_HOST fixed attribute "source-language" for translations Update PluralizationRules.php Update validators.pt_BR.xlf Translated remaining items (57-72) Updated Vietnamese translation added missing dot in translation updated Arabic translations Update validators.id.xlf [Validator] Translate validator messages into Brazilian Portuguese Added more Swedish validator translations Update validators.ca.xlf fixed typos in Welsh translation Added missing Croatian translations [Form] fixed allow render 0 and 0.0 numeric input values Fixed validators.nl.xlf [Component/Security] Fixed some phpdocs in Security/Core Completed Luxembourgish translation Fixing the Logger deprecation notices to match the correct method name it should be informing of ... Conflicts: src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/form_widget_simple.html.php src/Symfony/Component/Console/Application.php
| | * [Component/Security] Fixed some phpdocs in Security/CoreJoseph Bielawski2014-01-179-21/+81
| | |
* | | Merge branch '2.4'Fabien Potencier2013-12-291-1/+25
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.4: fix some cs use restore_error_handler instead of set_error_handler($previous) fix #9321 Crawler::addHtmlContent add gbk encoding support [Console] fixed column width when using the Table helper with some decoration in cells [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role. Fix for cache-key conflict when having a \Traversable as choices [Security] removed obsolete comment
| * | Merge branch '2.3' into 2.4Fabien Potencier2013-12-291-1/+25
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: fix some cs use restore_error_handler instead of set_error_handler($previous) fix #9321 Crawler::addHtmlContent add gbk encoding support [Console] fixed column width when using the Table helper with some decoration in cells [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role. Fix for cache-key conflict when having a \Traversable as choices [Security] removed obsolete comment Conflicts: src/Symfony/Component/Console/Helper/TableHelper.php src/Symfony/Component/Security/Tests/Http/Firewall/ExceptionListenerTest.php
| | * bug #8997 [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role. ↵Fabien Potencier2013-12-291-1/+25
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (pawaclawczyk) This PR was squashed before being merged into the 2.3 branch (closes #8997). Discussion ---------- [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role. <table> <tr> <td><b>Q</b></td> <td><b>A</b></td> </tr> <tr> <td>Bug fix?</td> <td>yes</td> </tr> <tr> <td>New feature</td> <td>no</td> </tr> <tr> <td>BC breaks?</td> <td>no</td> </tr> <tr> <td>Deprecations?</td> <td>no</td> </tr> <tr> <td>Tests pass?</td> <td>yes</td> </tr> <tr> <td>Fixed tickets</td> <td>#3085, #8974</td> </tr> <tr> <td>License</td> <td>MIT</td> </tr> <tr> <td>Doc PR</td> <td>n/a</td> </tr> </table> Problem occurs while user is impersonated. Authentication process generates new token and doeas not preserve role ```ROLE_PREVIOUS_ADMIN```. Ex. when parameter ```security.always_authenticate_before_granting``` is enabled. Commits ------- a7baa3b [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
| | | * [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.Paweł Wacławczyk2013-12-291-1/+25
| | | |
* | | | Merge branch '2.4'Fabien Potencier2013-12-261-1/+8
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.4: (44 commits) [FrameworkBundle] Add missing license headers Fix parent serialization of user object [DependencyInjection] fixed typo added condition to avoid skipping tests on JSON_PRETTY support add memcache, memcached, and mongodb extensions to run skipped tests [DependencyInjection] Fixed support for backslashes in service ids. fix #9356 [Security] Logger should manipulate the user reloaded from provider [FrameworkBundle] Added extra details in XMLDescriptor to improve container description fixed CS Crawler default namespace fix [BrowserKit] fixes #8311 CookieJar is totally ignorant of RFC 6265 edge cases [HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4) fix 5528 let ArrayNode::normalizeValue respect order of value array provided fix #7243 allow 0 as arraynode name Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes #9403). BinaryFileResponse should also return 416 or 200 on some range-requets fix deprecated usage and clarify constructor defaults for number formatter Bumping dependency to ProxyManager to allow testing against the new 0.5.x branch changes Do normalization on tag options bumped Symfony version to 2.3.9 ...
| * | | Merge branch '2.3' into 2.4Fabien Potencier2013-12-261-1/+8
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: (31 commits) Fix parent serialization of user object [DependencyInjection] fixed typo add memcache, memcached, and mongodb extensions to run skipped tests [DependencyInjection] Fixed support for backslashes in service ids. fix #9356 [Security] Logger should manipulate the user reloaded from provider [BrowserKit] fixes #8311 CookieJar is totally ignorant of RFC 6265 edge cases [HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4) fix 5528 let ArrayNode::normalizeValue respect order of value array provided fix #7243 allow 0 as arraynode name Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes #9403). BinaryFileResponse should also return 416 or 200 on some range-requets Do normalization on tag options bumped Symfony version to 2.3.9 updated VERSION for 2.3.8 update CONTRIBUTORS for 2.3.8 updated CHANGELOG for 2.3.8 [Filesystem] Changed the mode for a target file in copy() to be write only. [Console] fixed CS fixed TableHelper when cell value has new line Improved and fixed grammar mistakes. Added pluralized messages ... Conflicts: src/Symfony/Component/BrowserKit/Cookie.php src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/Routing/Matcher/UrlMatcher.php
| | * | Fix parent serialization of user objectDavid de Boer2013-12-231-1/+8
| | | |
* | | | Fixed typos/CS/PHPDocPascal Borreli2013-11-241-11/+10
|/ / /
* | | unify constructor initialization style throughout symfonyTobias Schultze2013-11-111-7/+3
| | |
* | | Merge branch '2.3'Fabien Potencier2013-09-194-1/+7
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: fixed phpdoc Fix some annotates [FrameworkBundle] made sure that the debug event dispatcher is used everywhere [HttpKernel] remove unneeded strtoupper updated the composer install command to reflect changes in Composer Conflicts: src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
| * | Merge branch '2.2' into 2.3Fabien Potencier2013-09-194-1/+7
| |\ \ | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.2: Fix some annotates [FrameworkBundle] made sure that the debug event dispatcher is used everywhere [HttpKernel] remove unneeded strtoupper updated the composer install command to reflect changes in Composer Conflicts: src/Symfony/Component/Console/Application.php src/Symfony/Component/Console/Command/Command.php src/Symfony/Component/Console/Input/InputDefinition.php src/Symfony/Component/CssSelector/Node/CombinedSelectorNode.php src/Symfony/Component/Form/Form.php src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php src/Symfony/Component/HttpKernel/Tests/DependencyInjection/RegisterListenersPassTest.php src/Symfony/Component/Locale/Locale.php src/Symfony/Component/Locale/README.md src/Symfony/Component/Locale/Stub/DateFormat/FullTransformer.php
| | * Fix some annotatesbronze1man2013-09-194-1/+7
| | |
* | | [Security] [SimpleAuthenticationProvider] Delete unnecessary "use" statementsAleksey Podskrebyshev2013-09-181-6/+0
| | |
* | | Fixed typosPascal Borreli2013-08-241-1/+1
| | |
* | | Merge branch '2.3'Fabien Potencier2013-08-141-1/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [Process] Revert change [Process] Fix #8746 : slowness added in unit tests since #8741 [Process] Fix #8742 : Signal-terminated processes are not successful corrected English grammar (s/does not exists/does not exist) [Process] Add more precision to Process::stop timeout [Process] Avoid zombie process in case of unit tests failure [Process] Fix #8739 [Process] Add failing test for #8739 [Process] Fix CS [TwigBridge] removed superflous ; when rendering form_enctype() (closes #8660) Fixed documentation grammar for AuthenticationManagerInterface::authenticate() [Validator] fixed the wrong isAbstract() check against the class (fixed #8589) [TwigBridge] Prevent code extension to display warning Fix internal sub-request creation [FrameworkBundle] made code more generic [Form] Moved auto_initialize option to the BaseType Use strstr instead of strpos Make sure ContextErrorException is loaded during compile time errors Fix empty process argument escaping on Windows Ignore null value in comparison validators Conflicts: src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php src/Symfony/Component/Process/Process.php
| * | Merge branch '2.2' into 2.3Fabien Potencier2013-08-131-1/+1
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.2: corrected English grammar (s/does not exists/does not exist) [Process] Add more precision to Process::stop timeout [Process] Avoid zombie process in case of unit tests failure [Process] Fix #8739 [Process] Add failing test for #8739 [Process] Fix CS Fixed documentation grammar for AuthenticationManagerInterface::authenticate() [Validator] fixed the wrong isAbstract() check against the class (fixed #8589) [TwigBridge] Prevent code extension to display warning Use strstr instead of strpos Conflicts: src/Symfony/Component/Finder/Shell/Command.php src/Symfony/Component/Process/Process.php
| | * Fixed documentation grammar for AuthenticationManagerInterface::authenticate()Jaik Dean2013-08-131-1/+1
| | |
* | | Revert "marked some classes as being experimental in 2.3"Fabien Potencier2013-06-134-8/+0
| | | | | | | | | | | | This reverts commit 74cfc84c87ac281d1ed5aeb8eca9c86ae46c50cf.
* | | marked some classes as being experimental in 2.3Fabien Potencier2013-05-084-0/+8
| | |
* | | moved the simple HTTP authenticator to a pre-auth oneFabien Potencier2013-05-081-1/+1
| | |
* | | [Security] Renamed simple_token to simple_http, added support for failure ↵Jordi Boggiano2013-05-082-7/+1
| | | | | | | | | | | | and success handler to both simple firewalls
* | | [Security] Add simple_token auth methodJordi Boggiano2013-05-084-10/+30
| | |
* | | [Security] Add SimpleForm authenticationJordi Boggiano2013-05-083-0/+111
|/ /
* | Added a DoktrineTokenProvider in Security/Bridge/Doctrine/security/RememberMeTerje Bråten2013-04-211-2/+3
| |
* | Fixed typosPascal Borreli2013-04-211-2/+2
|/
* Merge branch '2.1' into 2.2Fabien Potencier2013-03-191-1/+1
|\ | | | | | | | | | | | | | | | | * 2.1: Add a public modifier to an interface method [HttpRequest] fixes Request::getLanguages() bug [HttpCache] added a test (cached content should be kept after purging) [DoctrineBridge] Fixed non-utf-8 recognition [Security] fixed HttpUtils class tests
| * Add a public modifier to an interface methodv2.1.9Elnur Abdurrakhimov2013-03-181-1/+1
| |
* | [Security] Introduced `UsernameNotFoundException#get/setUsername`Alexander2013-01-072-0/+2
| |
* | [Security] Removed `get/setExtraInformation`, added `get/set(Token|User)`Alexander2013-01-072-3/+3
| |
* | [Security] Fix AuthenticationServiceException constructor callsAlexander2013-01-071-1/+3
| |
* | Fixed most of the docblocks/unused namespacesFlorin Patan2012-12-195-0/+10
| |
* | CS Fixes - Replaced "array of type" by "Type[]" in PHPDoc blockThomas Lallement2012-11-194-13/+21
|/
* NsdocblocksDrak2012-10-202-8/+8
|
* fixed CSFabien Potencier2012-07-095-27/+27
|
* merged 2.0Fabien Potencier2012-06-202-2/+2
|\
| * merged branch Maks3w/patch-4 (PR #4616)Fabien Potencier2012-06-201-1/+1
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commits ------- fa050b7 [Security] Change return value in DocBlock Discussion ---------- [Security] Change return value in DocBlock Change the return value for avoid confusions. ```php if (!$user instanceof UserInterface) { throw new AuthenticationServiceException('retrieveUser() must return a UserInterface.'); } ``` [UserAuthenticationProvider.php#L67](https://github.com/symfony/symfony/tree/2.0/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php#L67) --------------------------------------------------------------------------- by travisbot at 2012-06-19T21:03:07Z This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1659148) (merged fa050b77 into e78a7bae).
| | * [Security] Change return value in DocBlockMaks2012-06-191-1/+1
| | | | | | | | | Change the return value for avoid confusions.
| * | [Security] Allow "0" as a passwordVictor Berchet2012-06-201-1/+1
| |/
| * fixed phpdoc @param alignmentv2.0.14Fabien Potencier2012-05-152-2/+2
| |
* | fixed phpdoc @param alignmentFabien Potencier2012-05-152-2/+2
| |
* | merged 2.0Fabien Potencier2012-05-112-1/+10
|\ \ | |/
| * [Security] fixed phpdoc.Hugo Hamon2012-05-011-1/+1
| |
| * [Security] added some missing phpdoc for AbstractToken::setUser() and ↵Hugo Hamon2012-05-012-1/+10
| | | | | | | | UsernamePasswordToken::__construct() methods.
* | fixed CS (missing or misplaced license blocks)Eriksen Costa2012-04-023-6/+6
| |
* | updated license blocksEriksen Costa2012-03-312-6/+6
| |
* | Add some more tests, and enforce boolean return value of interface ↵Dariusz Górecki2012-01-101-1/+1
| | | | | | | | implementations.
* | When method name is `hasUserChanged` the return boolean should be true (to ↵Dariusz Górecki2012-01-101-11/+11
| | | | | | | | match question semantics) and false when user has not changed, this commits inverts return statements.
* | Refactor `isUserChanged` to `hasUserChanged`Dariusz Górecki2012-01-101-3/+3
| |
* | Change names to EquatableDariusz Górecki2012-01-101-5/+5
| |
* | [BC Break][Security] Moved user comparsion logic out of UserInterface As ↵Dariusz Górecki2012-01-101-1/+48
| | | | | | | | | | | | | | | | | | | | discussed on IRC meetings and in PR #2669 I came up with implementation. This is option2, I think more elegant. BC break: yes Feature addition: no/feature move Symfony2 test pass: yes Symfony2 test written: yes Todo: feedback needed
* | 'for' was duplicatedJavier López2011-12-281-1/+1
| |
* | merged 2.0Fabien Potencier2011-12-181-3/+3
|\ \ | |/
| * fixed CSFabien Potencier2011-12-181-3/+3
| |
* | merged 2.0Fabien Potencier2011-12-132-5/+9
|\ \ | |/
| * [DoctrineBridge] fixed some CSFabien Potencier2011-12-132-5/+9
| |
* | added authentication success/failure eventsJohannes Schmitt2011-11-221-0/+19
| |
* | [Security] made exceptions thrown by the user checker and the ↵Fabien Potencier2011-11-071-11/+19
| | | | | | | | checkAuthentication() method use the hideUserNotFoundExceptions flag
* | merged 2.0Fabien Potencier2011-11-072-2/+2
|\ \ | |/
| * replace occurences of "an UserInteface" with "a UserInterface"Igor Wiedler2011-11-032-2/+2
| |
* | merged 2.0Fabien Potencier2011-10-294-4/+0
|\ \ | |/
| * removed unused use statementsFabien Potencier2011-10-294-4/+0
| |
* | Removed redundant "@return void"-sHelmer Aaviksoo2011-10-071-2/+0
| |
* | [Security] changed a RuntimeException to LogicException for consistencies ↵Fabien Potencier2011-10-031-1/+1
|/ | | | between the different Token classes (closes #2310)
* [Security] change a comparison to use a strict comparisonFabien Potencier2011-07-221-1/+1
|
* [Security] reverted some changes from previous mergeFabien Potencier2011-06-151-1/+1
|
* merged branch kaiwa/loglevel (PR #1073)Fabien Potencier2011-06-151-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commits ------- cdf4b6a Checked log levels a45d3ee Reverted last commit 529381b ControllerNotFound: Changed log level from info to error. Also moved throw exception code block up, to prevent the message from beeing logged multiple times. 7c29e88 Changed log level of "Matched route ..." message from info to debug dca09fd Changed log level of "Using Controller ..." message from info to debug Discussion ---------- Log levels Just wanted to ask if the log level INFO is still correct for these messages? As there are only four log levels left (DEBUG, INFO, WARNING, ERROR), DEBUG might be the more appropriate level for these messages now. Let me give an example: An application is logging user actions (maybe to database) in order to assure comprehensibility, e. g. "User %s deleted post %d", "User %s written a message to user %s". These are not warnings of course, so the only suitable log level is INFO. But they will be thrown together with these very common (at least two per request?) "Using controller..." and "Matched route..." messages when choosing INFO as log level. --------------------------------------------------------------------------- by Seldaek at 2011/05/24 07:13:18 -0700 Agreed, this stuff is framework debug information. --------------------------------------------------------------------------- by fabpot at 2011/05/24 08:53:24 -0700 Why do you want to change these two specific ones? The framework uses the INFO level at other places too. Is it a good idea to say that the framework only logs with DEBUG? --------------------------------------------------------------------------- by stof at 2011/05/24 09:12:53 -0700 Doctrine logs at the INFO level too and I think it is useful to keep it as INFO. Being able to see the queries without having all DEBUG messages of the event dispatcher and security components is useful IMO. --------------------------------------------------------------------------- by Seldaek at 2011/05/25 02:30:24 -0700 Yeah, that's true, maybe we just need to reintroduce (again, meh:) NOTICE between INFO and WARNING. @kaiwa Of course the other way could be that you just add your DB handler to the app logger stack. That could be done in a onCoreRequest listener or such, basically you'd have to call `->pushHandler($yourDBHandler)` on the `monolog.logger.app` service. That way your messages will flow to it, but it won't receive noise from the framework stuff since those log on monolog.logger.request and other log channels. --------------------------------------------------------------------------- by fabpot at 2011/05/25 02:48:26 -0700 @Seldaek: I don't think we need another level. We just need to come up with a standard rules about the usage of each level. Adapted from log4j: * ERROR: Other runtime errors or unexpected conditions. * WARN: Use of deprecated APIs, poor use of API, 'almost' errors, other runtime that are undesirable or unexpected, but not necessarily "wrong" (unable to write to the profiler DB, ). * INFO: Interesting runtime events (security infos like the fact the user is logged-in or not, SQL logs, ...). * DEBUG: Detailed information on the flow through the system (route match, security flow infos like the fact that a token was found or that remember-me cookie is found, ...). What do you think? --------------------------------------------------------------------------- by stloyd at 2011/05/25 02:53:38 -0700 +1 for this standard (also this PR can be merged then), but we should review code for other "wrong" log levels usage (if everyone accept this standard) --------------------------------------------------------------------------- by fabpot at 2011/05/25 02:55:07 -0700 I won't merge this PR before all occurrences of the logger calls have been reviewed carefully and changed to the right level. --------------------------------------------------------------------------- by kaiwa at 2011/05/25 02:58:44 -0700 @fabpot: Just noticed these two occurring for every request in my log file. You are right, there are other places where this changes must be applied if we will change the log level. @stof: Hmm, i see. It is not possible to set the logger separately for each bundle, is it? That maybe would solve the problem. If somebody is interested in seeing the queries, he could set the log handler level to DEBUG for doctrine bundle, but still use INFO for the framwork itself. Plus he could even define a different output file or a completely different handler. I'm not sure if something like that is possible already (?) or realizable at all... just came into my mind. --------------------------------------------------------------------------- by Seldaek at 2011/05/25 03:01:07 -0700 Just FYI, from Monolog\Logger (which has CRITICAL and ALERT): * Debug messages const DEBUG = 100; * Messages you usually don't want to see const INFO = 200; * Exceptional occurences that are not errors * This is typically the logging level you want to use const WARNING = 300; * Errors const ERROR = 400; * Critical conditions (component unavailable, etc.) const CRITICAL = 500; * Action must be taken immediately (entire service down) * Should trigger alert by sms, email, etc. const ALERT = 550; The values kind of match http error codes too, 4xx are expected errors that are not really important (404s etc) and 5xx are server errors that you'd better fix ASAP. I'm ok with the descriptions, but I think alert and critical should be included too. I'll probably update Monolog docblocks to match whatever ends up in the docs. --------------------------------------------------------------------------- by Seldaek at 2011/05/25 03:03:21 -0700 @kaiwa you can do a lot, but not from the default monolog configuration entry, I'm not sure if we can really make that fully configurable without having a giant config mess. Please refer to my [comment above](https://github.com/symfony/symfony/pull/1073#issuecomment-1234316) to see how you could solve it. Maybe @fabpot has an idea how to make this more usable though. --------------------------------------------------------------------------- by stof at 2011/05/25 03:19:43 -0700 @Seldaek the issue is that the different logging channels are only know in the compiler pass, not in the DI extension. So changing the level in the extension is really hard IMO. Thus, the handlers are shared between the different logging channels (needed to open the log file only once for instance, or to send a single mail instead of one per channel) and the level is handled in the handlers, not the logger. I'm +1 for the standard, by adding the distinction between 400 and 500 status calls using ERROR and CRITICAL (which is already the case in the code). @kaiwa do you have time to review the calls to the logger between DEBUG and INFO or do you prefer I do it ? For instance, the Security component currently logs all message at DEBUG level and some of them should be INFO. --------------------------------------------------------------------------- by kaiwa at 2011/05/25 04:31:04 -0700 @stof ok i'll do that --------------------------------------------------------------------------- by kaiwa at 2011/05/25 12:22:51 -0700 Need some help :) I came across `ControllerNameParser::handleControllerNotFoundException()` which leads to redundant log messages currently: >[2011-05-25 20:53:16] request.INFO: Unable to find controller "AppBaseBundle:Blog" - class "App\BaseBundle\Controller\BlogController" does not exist. >[2011-05-25 20:53:16] request.ERROR: InvalidArgumentException: Unable to find controller "AppBaseBundle:Blog" - class "App\BaseBundle\Controller\BlogController" does not exist. (uncaught exception) at /home/ruth/symfony3/src/Symfony/Bundle/FrameworkBundle/Controller/ControllerNameParser.php line 87 Is it necessary to call `$this->logger->info($log);` if the InvalidArgumentException will be logged anyway? --------------------------------------------------------------------------- by stof at 2011/05/25 12:39:22 -0700 Well, the issue is that the ControllerNameParser logs messages and then uses them to throw an exception. I guess the logging call should be removed as it is redundant with the one of the ExceptionListener. @fabpot thoughts ? --------------------------------------------------------------------------- by kaiwa at 2011/05/27 11:39:25 -0700 I checked all debug, info and log calls. Sometimes it is hard to distinguish between the levels, so it would be great if someone reviews @cdf4b6a. @stof, maybe you want to take a look? --------------------------------------------------------------------------- by kaiwa at 2011/05/31 12:52:07 -0700 @stof, thanks for your comments. I added some replies above, please let me know your suggestions. --------------------------------------------------------------------------- by stof at 2011/05/31 14:04:22 -0700 @kaiwa As I said before, all the security logging calls should be DEBUG (most of them) or INFO (the one syaing that authentication succeeded for instance), but not WARN or ERROR as the exception don't go outside the firewall.
| * Checked log levelskaiwa2011-05-271-1/+1
| |
* | fixed CSFabien Potencier2011-06-086-6/+6
| |
* | [Security/Core] added missing method to interfaceJohannes M. Schmitt2011-06-011-0/+6
| |
* | added missing license headersFabien Potencier2011-05-312-0/+19
| |
* | [Various] Fixed phpdocPascal Borreli2011-05-291-2/+2
|/
* [Phpdoc] Cleaning/fixingPascal Borreli2011-04-236-16/+24
|
* removed empty lines/trailing spacesBrikou CARRE2011-04-151-4/+4
|
* [Security] tweaked some exception messagesFabien Potencier2011-04-121-2/+2
|
* [Security] removed import of the UserInterface interface as it is unused in ↵hhamon2011-03-181-6/+4
| | | | the file and fix some phpdoc.
* [Security] small performance optimizationJohannes M. Schmitt2011-03-141-0/+4
|
* re-added a __toString method for debugging purposesJohannes Schmitt2011-03-122-0/+25
|
* [Security] refactored remember-me codeJohannes M. Schmitt2011-03-112-10/+2
|
* [Security] added some more testsJohannes M. Schmitt2011-03-102-3/+16
|
* [Security] various changes, see belowJohannes Schmitt2011-03-1014-268/+231
| | | | | | - visibility changes from protected to private - AccountInterface -> UserInterface - SecurityContext::vote() -> SecurityContext::isGranted()
* replaced symfony-project.org by symfony.comFabien Potencier2011-03-0618-30/+30
|
* [Security] added the 'key' attribute of RememberMeToken to serialized string ↵Bulat Shakirzyanov2011-03-041-0/+17
| | | | to be stored in session
* [Security] Copy token attributes when auth providers create a new token from ↵Jeremy Mikola2011-02-232-2/+8
| | | | | | another PreAuthenticatedAuthenticationProvider and UserAuthenticationProvider tend to copy a token instead of modifying it during their authenticate() methods, which is probably a good idea if the token might be immutable. Ensure that the token's attributes get copied along with everything else.
* [Security] Add providerKey to PreAuthenticatedToken tokens constructed by ↵Jeremy Mikola2011-02-151-1/+1
| | | | PreAuthenticatedAuthenticationProvider
* [Security] Allow authentication tokens to hold attributesJeremy Mikola2011-02-152-2/+107
|
* [Security] Refactored security context, moved getUser() implementation to ↵Johannes Schmitt2011-02-121-3/+1
| | | | templating
* [Security] removed __toString() from AccountInterfaceJohannes Schmitt2011-02-121-6/+6
|
* [Security] bug fix in FormAuthenticationEntryPointJohannes M. Schmitt2011-02-021-32/+0
|
* [Security] fixed a Token serialization bugSebastian Utz2011-02-024-23/+12
|
* namespace changesJohannes M. Schmitt2011-01-2621-0/+1549
Symfony\Component\Security -> Symfony\Component\Security\Core Symfony\Component\Security\Acl remains unchanged Symfony\Component\HttpKernel\Security -> Symfony\Component\Security\Http
generated by cgit v1.1 at 2025-05-11 00:43:57 +0000