Skip to content

Commit b2a1b38

Browse files
committed
Added missing formats in cookbook/security
1 parent 202d861 commit b2a1b38

File tree

4 files changed

+301
-62
lines changed

4 files changed

+301
-62
lines changed

cookbook/security/custom_authentication_provider.rst

Lines changed: 107 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -354,13 +354,13 @@ to service ids that do not exist yet: ``wsse.security.authentication.provider``
354354
355355
# src/Acme/DemoBundle/Resources/config/services.yml
356356
services:
357-
wsse.security.authentication.provider:
358-
class: Acme\DemoBundle\Security\Authentication\Provider\WsseProvider
359-
arguments: ['', %kernel.cache_dir%/security/nonces]
357+
wsse.security.authentication.provider:
358+
class: Acme\DemoBundle\Security\Authentication\Provider\WsseProvider
359+
arguments: ['', %kernel.cache_dir%/security/nonces]
360360
361-
wsse.security.authentication.listener:
362-
class: Acme\DemoBundle\Security\Firewall\WsseListener
363-
arguments: [@security.context, @security.authentication.manager]
361+
wsse.security.authentication.listener:
362+
class: Acme\DemoBundle\Security\Firewall\WsseListener
363+
arguments: [@security.context, @security.authentication.manager]
364364
365365
366366
.. code-block:: xml
@@ -370,19 +370,19 @@ to service ids that do not exist yet: ``wsse.security.authentication.provider``
370370
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
371371
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
372372
373-
<services>
374-
<service id="wsse.security.authentication.provider"
375-
class="Acme\DemoBundle\Security\Authentication\Provider\WsseProvider" public="false">
376-
<argument /> <!-- User Provider -->
377-
<argument>%kernel.cache_dir%/security/nonces</argument>
378-
</service>
379-
380-
<service id="wsse.security.authentication.listener"
381-
class="Acme\DemoBundle\Security\Firewall\WsseListener" public="false">
382-
<argument type="service" id="security.context"/>
383-
<argument type="service" id="security.authentication.manager" />
384-
</service>
385-
</services>
373+
<services>
374+
<service id="wsse.security.authentication.provider"
375+
class="Acme\DemoBundle\Security\Authentication\Provider\WsseProvider" public="false">
376+
<argument /> <!-- User Provider -->
377+
<argument>%kernel.cache_dir%/security/nonces</argument>
378+
</service>
379+
380+
<service id="wsse.security.authentication.listener"
381+
class="Acme\DemoBundle\Security\Firewall\WsseListener" public="false">
382+
<argument type="service" id="security.context"/>
383+
<argument type="service" id="security.authentication.manager" />
384+
</service>
385+
</services>
386386
</container>
387387
388388
.. code-block:: php
@@ -392,17 +392,22 @@ to service ids that do not exist yet: ``wsse.security.authentication.provider``
392392
use Symfony\Component\DependencyInjection\Reference;
393393
394394
$container->setDefinition('wsse.security.authentication.provider',
395-
new Definition(
396-
'Acme\DemoBundle\Security\Authentication\Provider\WsseProvider',
397-
array('', '%kernel.cache_dir%/security/nonces')
398-
));
395+
new Definition(
396+
'Acme\DemoBundle\Security\Authentication\Provider\WsseProvider', array(
397+
'',
398+
'%kernel.cache_dir%/security/nonces',
399+
)
400+
)
401+
);
399402
400403
$container->setDefinition('wsse.security.authentication.listener',
401-
new Definition(
402-
'Acme\DemoBundle\Security\Firewall\WsseListener', array(
403-
new Reference('security.context'),
404-
new Reference('security.authentication.manager'))
405-
));
404+
new Definition(
405+
'Acme\DemoBundle\Security\Firewall\WsseListener', array(
406+
new Reference('security.context'),
407+
new Reference('security.authentication.manager'),
408+
)
409+
)
410+
);
406411
407412
Now that your services are defined, tell your security context about your
408413
factory. Factories must be included in an individual configuration file,
@@ -435,6 +440,20 @@ factory service, tagged as ``security.listener.factory``:
435440
</services>
436441
</container>
437442
443+
.. code-block:: php
444+
445+
// src/Acme/DemoBundle/Resources/config/security_factories.php
446+
use Symfony\Component\DependencyInjection\Definition;
447+
use Symfony\Component\DependencyInjection\Reference;
448+
449+
$definition = new Definition('Acme\DemoBundle\DependencyInjection\Security\Factory\WsseFactory', array(
450+
'',
451+
'%kernel.cache_dir%/security/nonces',
452+
));
453+
$definition->addTag('security.listener.factory');
454+
455+
$container->setDefinition('security.authentication.factory.wsse', $definition);
456+
438457
Now, import the factory configuration via the the ``factories`` key in your
439458
security configuration:
440459

@@ -467,13 +486,36 @@ security configuration:
467486
468487
You are finished! You can now define parts of your app as under WSSE protection.
469488

470-
.. code-block:: yaml
489+
.. configuration-block::
471490

472-
security:
473-
firewalls:
474-
wsse_secured:
475-
pattern: /api/.*
476-
wsse: true
491+
.. code-block:: yaml
492+
493+
security:
494+
firewalls:
495+
wsse_secured:
496+
pattern: /api/.*
497+
wsse: true
498+
499+
.. code-block:: xml
500+
501+
<config>
502+
<firewall name="wsse_secured"
503+
pattern="/api/.*"
504+
wsse="true"
505+
/>
506+
</config>
507+
508+
.. code-block:: php
509+
510+
$container->loadFromExtension('security', array(
511+
'firewalls' => array(
512+
'wsse_secured' => array(
513+
'pattern' => '/api/.*',
514+
'wsse' => true,
515+
),
516+
),
517+
));
518+
477519
478520
Congratulations! You have written your very own custom security authentication
479521
provider!
@@ -546,13 +588,38 @@ in order to put it to use.
546588
The lifetime of each wsse request is now configurable, and can be
547589
set to any desirable value per firewall.
548590

549-
.. code-block:: yaml
591+
.. configuration-block::
592+
593+
.. code-block:: yaml
594+
595+
security:
596+
firewalls:
597+
wsse_secured:
598+
pattern: /api/.*
599+
wsse: { lifetime: 30 }
600+
601+
.. code-block:: xml
602+
603+
<config>
604+
<firewall name="wsse_secured"
605+
pattern="/api/.*"
606+
>
607+
<wsse lifetime="30" />
608+
</firewall>
609+
</config>
550610
551-
security:
552-
firewalls:
553-
wsse_secured:
554-
pattern: /api/.*
555-
wsse: { lifetime: 30 }
611+
.. code-block:: php
612+
613+
$container->loadFromExtension('security', array(
614+
'firewalls' => array(
615+
'wsse_secured' => array(
616+
'pattern' => '/api/.*',
617+
'wsse' => array(
618+
'lifetime' => 30,
619+
),
620+
),
621+
),
622+
));
556623
557624
The rest is up to you! Any relevant configuration items can be defined
558625
in the factory and consumed or passed to the other classes in the container.

cookbook/security/custom_provider.rst

Lines changed: 88 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -206,26 +206,66 @@ Now you make the user provider available as a service:
206206
Modify ``security.yml``
207207
-----------------------
208208

209-
In ``/app/config/security.yml`` everything comes together. Add the user provider
209+
Everything comes together in your security configuration. Add the user provider
210210
to the list of providers in the "security" section. Choose a name for the user provider
211211
(e.g. "webservice") and mention the id of the service you just defined.
212212

213-
.. code-block:: yaml
213+
.. configuration-block::
214+
215+
.. code-block:: yaml
216+
217+
// app/config/security.yml
218+
security:
219+
providers:
220+
webservice:
221+
id: webservice_user_provider
222+
223+
.. code-block:: xml
214224
215-
security:
216-
providers:
217-
webservice:
218-
id: webservice_user_provider
225+
<!-- app/config/security.xml -->
226+
<config>
227+
<provider name="webservice" id="webservice_user_provider" />
228+
</config>
229+
230+
.. code-block:: php
231+
232+
// app/config/security.php
233+
$container->loadFromExtension('security', array(
234+
'providers' => array(
235+
'webservice' => array(
236+
'id' => 'webservice_user_provider',
237+
),
238+
),
239+
));
219240
220241
Symfony also needs to know how to encode passwords that are supplied by website
221242
users, e.g. by filling in a login form. You can do this by adding a line to the
222-
"encoders" section in ``/app/config/security.yml``.
243+
"encoders" section in your security configuration:
244+
245+
.. configuration-block::
246+
247+
.. code-block:: yaml
223248
224-
.. code-block:: yaml
249+
# app/config/security.yml
250+
security:
251+
encoders:
252+
Acme\WebserviceUserBundle\Security\User\WebserviceUser: sha512
225253
226-
security:
227-
encoders:
228-
Acme\WebserviceUserBundle\Security\User\WebserviceUser: sha512
254+
.. code-block:: xml
255+
256+
<!-- app/config/security.xml -->
257+
<config>
258+
<encoder class="Acme\WebserviceUserBundle\Security\User\WebserviceUser">sha512</encoder>
259+
</config>
260+
261+
.. code-block:: php
262+
263+
// app/config/security.php
264+
$container->loadFromExtension('security', array(
265+
'encoders' => array(
266+
'Acme\WebserviceUserBundle\Security\User\WebserviceUser' => 'sha512',
267+
),
268+
));
229269
230270
The value here should correspond with however the passwords were originally
231271
encoded when creating your users (however those users were created). When
@@ -252,15 +292,42 @@ options, the password may be encoded multiple times and encoded to base64.
252292

253293
Additionally, the hash, by default, is encoded multiple times and encoded
254294
to base64. For specific details, see `MessageDigestPasswordEncoder`_.
255-
To prevent this, configure it in ``security.yml``:
256-
257-
.. code-block:: yaml
258-
259-
security:
260-
encoders:
261-
Acme\WebserviceUserBundle\Security\User\WebserviceUser:
262-
algorithm: sha512
263-
encode_as_base64: false
264-
iterations: 1
295+
To prevent this, configure it in your configuration file:
296+
297+
.. configuration-block::
298+
299+
.. code-block:: yaml
300+
301+
# app/config/security.yml
302+
security:
303+
encoders:
304+
Acme\WebserviceUserBundle\Security\User\WebserviceUser:
305+
algorithm: sha512
306+
encode_as_base64: false
307+
iterations: 1
308+
309+
.. code-block:: xml
310+
311+
<!-- app/config/security.xml -->
312+
<config>
313+
<encoder class="Acme\WebserviceUserBundle\Security\User\WebserviceUser"
314+
algorithm="sha512"
315+
encode-as-base64="false"
316+
iterations="1"
317+
/>
318+
</config>
319+
320+
.. code-block:: php
321+
322+
// app/config/security.php
323+
$container->loadFromExtension('security', array(
324+
'encoders' => array(
325+
'Acme\WebserviceUserBundle\Security\User\WebserviceUser' => array(
326+
'algorithm' => 'sha512',
327+
'encode_as_base64' => false,
328+
'iterations' => 1,
329+
),
330+
),
331+
));
265332
266333
.. _MessageDigestPasswordEncoder: https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Core/Encoder/MessageDigestPasswordEncoder.php

0 commit comments

Comments
 (0)