Databases
StackOverflow2013
Postsdbo
POSymfony2 entity user provider overrides custom auth provider
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POSymfony2 entity user provider overrides custom auth provider
    primarykey
    data
    text
    <p>My Symfony2 custom authentication provider now <a href="https://stackoverflow.com/questions/15008721/symfony2-wont-load-custom-authentication-provider-loads-daoauthenticationprovi">appears to be working</a>.</p> <p><strong>User Provider</strong></p> <p>I almost used the <em>FOSUserBundle</em> but I don't even have email addresses for my users and I don't need the added functionality or complication.</p> <p>So instead I'm just using the <a href="http://symfony.com/doc/current/cookbook/security/entity_provider.html" rel="nofollow noreferrer">entity provider</a>.</p> <p>I set my encoder to plaintext because the API client library handles that for me, but alas, another snag: it seems like <strong>Users are now being authenticated against these User records</strong>.</p> <p>Before I implemented the entity user provider, my login form gave me valid responses: correct credentials yielded no error, bad credentials resulted in my custom "incorrect user/pass error".</p> <p>Now, even if I supply credentials I know to be correct, all I get is the error message "Bad credentials," <a href="https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php#L89" rel="nofollow noreferrer">as if I'm implementing the UserAuthenticationProvider</a>, but to the best of my knowledge, I'm not. My custom provider <a href="https://github.com/freen/wordrot/blob/master/src/WordRot/PlayBundle/Security/Authentication/Provider/WordnikProvider.php#L17" rel="nofollow noreferrer">directly implements the AuthenticationProviderInterface</a>.</p> <p>So at the moment I assume I have incorrectly implemented the entity user provider, such that it is somehow overriding my custom authentication provider. What's the correct way to configure the entity user provider and a custom authentication provider, at the same time?</p> <p><strong>Files</strong></p> <ul> <li><a href="https://github.com/freen/wordrot/blob/master/app/config/security.yml" rel="nofollow noreferrer">/app/config/security.yml</a></li> <li><a href="https://github.com/freen/wordrot/blob/master/src/WordRot/PlayBundle/Security/Authentication/Provider/WordnikProvider.php" rel="nofollow noreferrer">/src/WordRot/PlayBundle/Security/Authentication/Provider/WordnikProvider.php</a></li> </ul> <p><em>Relevant section of</em> <strong><em>security.yml</em></strong></p> <pre><code>encoders: WordRot\PlayBundle\Entity\User: plaintext providers: wordnik_users: entity: { class: WordRotPlayBundle:User, property: username } firewalls: wordnik_secured: pattern: ^/play logout: ~ anonymous: ~ # The next line specifies the custom authentication provider: wordnik: true form_login: provider: wordnik_users login_path: /login check_path: /play_check # on success always_use_default_target_path: true default_target_path: /play </code></pre> <p><strong>EDIT</strong></p> <p><a href="https://github.com/freen/wordrot/compare/a473d354d7763b426c3e6faff68f7346418fddf5...ddcfeae2cbce2a30fff590f0d711e850fc9c8a00" rel="nofollow noreferrer">This might prove useful</a>. It's a diff on the master branch...</p> <ul> <li><strong>From</strong> when the custom auth provider (<a href="https://github.com/freen/wordrot/blob/master/src/WordRot/PlayBundle/Security/Authentication/Provider/WordnikProvider.php" rel="nofollow noreferrer">WordnikProvider</a>) still got executed (a473d354)</li> <li><strong>To</strong> the most recent commit on the master branch (ddcfeae2), where the auth provider is no longer executed.</li> </ul> <p><strong>EDIT 2</strong></p> <p>With more break points I discovered:</p> <ol> <li>On login form POST, <a href="https://github.com/freen/wordrot/blob/master/src/WordRot/PlayBundle/Security/Authentication/Provider/WordnikProvider.php#L31" rel="nofollow noreferrer">WordnikProvider#supports</a> is being called with a UsernamePasswordToken, thus returning <code>false</code>.</li> <li>On login form POST, <code>WordnikListener</code> is constructed but it's other methods (<code>attemptAuthentication</code>, <code>requiresAuthentication</code>) are never called. And yet <code>WordnikFactory#createListener</code>, too, is never called! It's a wonder that the listener is constructed.</li> <li>However on <code>login_check</code> GET, <code>WordnikListener#requiresAuthentication</code> IS called.</li> </ol>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. USCommunity
    1. USDaniel B.
    plurals
    1. PL
      singulars
      1. LTLinked
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POSymfony2 entity user provider overrides custom auth provider
      1. USDaniel B.
      1. VTFavorite
    2. VO
      singulars
      1. POSymfony2 entity user provider overrides custom auth provider
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. POSymfony2 entity user provider overrides custom auth provider
      1. USDaniel B.
      1. VTBountyStart
    1. COThe form_login service pretty much assumes you need a password. So make yourself an encoder which says that no password is fine. That should get you one step further.
      singulars
      1. POSymfony2 entity user provider overrides custom auth provider
      1. USCerad
    2. COCerad, actually it seems that the problem is coming from the UserAuthenticationProvider, as the "Bad credentials." error suggests. Although its a complete mystery to me why that provider is being loaded! I don't think the encoder is the issue.
      singulars
      1. POSymfony2 entity user provider overrides custom auth provider
      1. USDaniel B.
    3. COThe AuthProvider load a user via the user provider and then authenticates the user by checking the password using the encoder. If you are not using the form_login service at all then take it out. But it sure seems like /play_check is being handled by the default auth handler.
      singulars
      1. POSymfony2 entity user provider overrides custom auth provider
      1. USCerad
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload