Skip to content

Commit 57cc957

Browse files
mdouailinmdouailin
committed
full xml config, pushed the note at the end of the entry
1 parent 01d18fe commit 57cc957

File tree

1 file changed

+22
-18
lines changed

1 file changed

+22
-18
lines changed

cookbook/security/pre_authenticated.rst

Lines changed: 22 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -4,23 +4,13 @@
44
Using pre Authenticated Security Firewalls
55
==========================================
66

7-
A lot of authentication modules are already provided by some webservers,
7+
A lot of authentication modules are already provided by some web servers,
88
including Apache. These modules generally set some environment variables
9-
that can be used to determine which user is accessing your application. Out of the
9+
that can be used to determine which user is accessing your application. Out of the
1010
box, Symfony supports most authentication mechanisms.
1111
These requests are called *pre authenticated* requests because the user is already
1212
authenticated when reaching your application.
1313

14-
.. note::
15-
16-
An authentication provider will only inform the user provider of the username
17-
that made the request. You will need to either use an available
18-
:class:`Symfony\\Component\\Security\\Core\\User\\UserProviderInterface`
19-
or implement your own:
20-
21-
* :doc:`/cookbook/security/entity_provider`
22-
* :doc:`/cookbook/security/custom_provider`
23-
2414
X.509 Client Certificate Authentication
2515
---------------------------------------
2616

@@ -44,12 +34,17 @@ Enable the x509 authentication for a particular firewall in the security configu
4434
4535
.. code-block:: xml
4636
37+
<?xml version="1.0" ?>
4738
<!-- app/config/security.xml -->
48-
<config>
49-
<firewall name="secured_area" pattern="^/">
50-
<x509 provider="your_user_provider"/>
51-
</firewall>
52-
</config>
39+
<srv:container xmlns="http://symfony.com/schema/dic/security"
40+
xmlns:srv="http://symfony.com/schema/dic/services">
41+
42+
<config>
43+
<firewall name="secured_area" pattern="^/">
44+
<x509 provider="your_user_provider"/>
45+
</firewall>
46+
</config>
47+
</srv:container>
5348
5449
.. code-block:: php
5550
@@ -66,7 +61,16 @@ Enable the x509 authentication for a particular firewall in the security configu
6661
));
6762
6863
By default, the firewall provides the ``SSL_CLIENT_S_DN_Email`` variable to
69-
the user provider, and sets the ``SSL_CLIENT_S_DN`` as credentials in the
64+
the user provider, and sets the ``SSL_CLIENT_S_DN`` as credentials in the
7065
:class:`Symfony\\Component\\Security\\Core\\Authentication\\Token\\PreAuthenticatedToken`.
7166
You can override these by setting the ``user`` and the ``credentials`` keys
7267
in the x509 firewall configuration respectively.
68+
69+
.. note::
70+
71+
An authentication provider will only inform the user provider of the username
72+
that made the request. You will need to create (or use) a "user provider" that
73+
turns that username into a User object of your choice:
74+
75+
* :doc:`/cookbook/security/custom_provider`
76+
* :doc:`/cookbook/security/entity_provider`

0 commit comments

Comments
 (0)