    merged branch gigablah/security-flags (PR #573) · e82a9a3b
    Fabien Potencier authored
    This PR was merged into the master branch.
    
    Commits
    -------
    
    e21b3803 Support 'security' and 'stateless' flags in security config
    
    Discussion
    ----------
    
    Support 'security' and 'stateless' flags in security config
    
    `'security' => false` will disable the firewall (for a particular area) even if there are listeners configured.
    
    `'stateless' => true` will prevent `ContextListener` from getting registered.
    
    ---------------------------------------------------------------------------
    
    by davedevelopment at 2013-01-05T15:01:38Z
    
    I'm not sure I understand what you'd use these flags for, perhaps some
    documentation would be useful?
     On Jan 5, 2013 10:05 AM, "Chris Heng" <notifications@github.com> wrote:
    
    > 'security' => false will disable the firewall even if there are listeners
    > configured.
    >
    > 'stateless' => true will prevent ContextListener from getting registered.
    > ------------------------------
    > You can merge this Pull Request by running:
    >
    >   git pull https://github.com/gigablah/Silex security-flags
    >
    > Or view, comment on, or merge it at:
    >
    >   https://github.com/fabpot/Silex/pull/573
    > Commit Summary
    >
    >    - Support 'security' and 'stateless' flags in security config
    >
    > File Changes
    >
    >    - *M* src/Silex/Provider/SecurityServiceProvider.php (10)
    >
    > Patch Links
    >
    >    - https://github.com/fabpot/Silex/pull/573.patch
    >    - https://github.com/fabpot/Silex/pull/573.diff
    >
    >  —
    > Reply to this email directly or view it on GitHub<https://github.com/fabpot/Silex/pull/573>.
    >
    >
    
    ---------------------------------------------------------------------------
    
    by gigablah at 2013-01-05T15:30:13Z
    
    These are the same flags you can use in Symfony2. I guess `'security' => false` by itself isn't too useful, but you could hypothetically do something like:
    
    ```php
    $app->register(new SecurityServiceProvider(), array(
        'security.firewalls' => array(
            'api' => array(
                'pattern' => '^/api',
                'stateless' => true,
                'security' => !$app['debug'],
                'oauth' => true
            )
        )
    ));
    ```
    
    Which will (a) turn off oauth access token authentication when you're debugging (b) turn off read/write on the session during authentication, which isn't wanted since the oauth access token is sent for each request.
    
    ---------------------------------------------------------------------------
    
    by davedevelopment at 2013-01-06T20:48:20Z
    
    Sorry, I think I got confused by the security flag, I understand the stateless one.
    
    ---------------------------------------------------------------------------
    
    by stof at 2013-01-06T21:13:04Z
    
    The goal of the ``security`` flag is to create a firewall pattern without a firewall. The only reason for this is to whitelist a pattern by placing it before another pattern without having to create a crazy regex.
    
    ---------------------------------------------------------------------------
    
    by fabpot at 2013-01-18T15:00:19Z
    
    Can you also update the documentation about these two new settings? Thanks.
    
    ---------------------------------------------------------------------------
    
    by gigablah at 2013-01-19T04:37:08Z
    
    It's done. Added a section for Stateless Authentication, and a tip for the `security` flag.
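
The ordering behaviour described in the discussion above, as an added example (not code from the PR or from Silex): a stand-alone PHP model of how an exemption with `'security' => false` only takes effect when it is listed before the broader pattern. The `resolveFirewall` helper, the `status` entry and the sample paths are constructed for illustration, and the model assumes the first matching pattern wins.

```php
<?php
// Added illustration: models first-match firewall selection. Not Silex code.

/**
 * Hypothetical helper: return [name, protected] for the first firewall whose
 * pattern matches $path, or null when no firewall covers the path.
 */
function resolveFirewall(array $firewalls, string $path): ?array
{
    foreach ($firewalls as $name => $config) {
        // Patterns are treated as regular expressions over the request path.
        if (preg_match('{' . $config['pattern'] . '}', $path) !== 1) {
            continue;
        }
        // 'security' => false disables the firewall for this area,
        // even if listeners (here 'oauth') are configured on the entry.
        $protected = ($config['security'] ?? true) !== false;

        return [$name, $protected];
    }

    return null;
}

// Constructed configuration: the exemption is listed before the broad pattern.
$exemptionFirst = [
    'status' => ['pattern' => '^/api/status$', 'security' => false],
    'api'    => ['pattern' => '^/api', 'stateless' => true, 'oauth' => true],
];

// Same entries in the opposite order: '^/api' now shadows the exemption.
$broadFirst = array_reverse($exemptionFirst, true);

$layouts = ['exemption first' => $exemptionFirst, 'broad first' => $broadFirst];

foreach ($layouts as $label => $firewalls) {
    foreach (['/api/status', '/api/users', '/home'] as $path) {
        $hit = resolveFirewall($firewalls, $path);
        if ($hit === null) {
            $result = 'no firewall matches';
        } else {
            $result = sprintf("firewall '%s', %s", $hit[0],
                $hit[1] ? 'authentication enforced' : 'security disabled');
        }
        printf("%-16s %-12s -> %s\n", $label, $path, $result);
    }
}
```

Running the same resolution over a real firewall list is a quick way to review which paths end up unauthenticated, including any entry whose `security` value is computed at runtime.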