Skip to content

vria/symfony-security-component-use

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
public
public
 
 
src/Security
src/Security
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 
composer.lock
composer.lock
 
 

Repository files navigation

Securing your web applications using the Symfony Security component

The code from the conference of AFUP that was held 28/08/2018 at JoliCode, Paris.

The slides are available on my slideshare.

Task 1 Task 2 ➡️

Authenticate each request to the application using an identifier and a password.

To facilitate the task we expose a "front controller" to the user. This is a single PHP file through which all requests are processed.

An index.php as a front controller will call SecurityListener at every request. The purpose of SecurityListener as to authenticate a request, in particular :

  • extract credentials from the Request object (query parameters "auth_user" and "auth_pw")
  • verify credentials
  • create Token if credentials are valid
  • pass Token into TokenStorage. The last is a service accessible by any other code, e.g. index.php.

Urls to test:

  • /?auth_user=gordon&auth_pw=freeman (authenticated)
  • / (not authenticated)

Urls to test without rewrite rules must start with /index.php, e.g. /index.php?auth_user=gordon&auth_pw=freeman.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages