Skip to content

[Security] In the new authenticator system, no auth listener is valid #38160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 12, 2020
Merged

[Security] In the new authenticator system, no auth listener is valid #38160

merged 1 commit into from
Sep 12, 2020

Conversation

weaverryan
Copy link
Member

Q A
Branch? 5.1
Bug fix? yes
New feature? yes
Deprecations? no
Tickets none
License MIT
Doc PR not needed

In the new authenticator system, anonymous is gone and it IS now valid to have no authentication listeners. Before this PR, the following would trigger this error:

security:
    enable_authenticator_manager: true

    firewalls:
        main:
            lazy: true

But this IS valid (and would eventually be the "starting security.yaml" when the new system is the main system).

Cheers!

@fabpot
Copy link
Member

fabpot commented Sep 12, 2020

Thank you @weaverryan.

@fabpot fabpot mentioned this pull request Sep 12, 2020
Closed
@fabpot fabpot merged commit 393e5c4 into symfony:5.1 Sep 12, 2020
@fabpot fabpot mentioned this pull request Sep 27, 2020
Merged
@AkashicSeer
Copy link

The "enable_csrf" option of "form_login" is only available when "security.enable_authenticator_manager" is set to "true", use "csrf_token_generator" instead.
SWEET now what to fix this?

@xabbuh
Copy link
Member

xabbuh commented Jan 31, 2021

Please open a new issue if you think that you found a bug. Comments on merged PRs are likely to get lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fabpot fabpot fabpot approved these changes

@javiereguiluz javiereguiluz javiereguiluz approved these changes

@wouterj wouterj wouterj approved these changes

@yceruto yceruto yceruto approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Bug Feature Security Status: Reviewed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@weaverryan @fabpot @AkashicSeer @xabbuh @javiereguiluz @wouterj @yceruto @chalasr @carsonbot