From c1993e8e73922d8f06ef25a025ad8f7006759316 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Tibensk=C3=BD?= Date: Sun, 10 Apr 2022 14:23:47 +0200 Subject: [PATCH 1/2] Fix invalid interface mention in security.rst SerializableInterface doesn't exist, I assume it was meant to be https://www.php.net/manual/en/class.serializable.php, the motivation behind this change is described here https://stackoverflow.com/questions/42074225/symfony-userinterface-is-serializing-the-entire-massive-user-entity/71816482#71816482 --- security.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security.rst b/security.rst index d29f1480f78..e04a67e41a6 100644 --- a/security.rst +++ b/security.rst @@ -2503,9 +2503,9 @@ However, in some cases, this process can cause unexpected authentication problem If you're having problems authenticating, it could be that you *are* authenticating successfully, but you immediately lose authentication after the first redirect. -In that case, review the serialization logic (e.g. ``SerializableInterface``) on +In that case, review the serialization logic (e.g. ``\Serializable`` interface) on you user class (if you have any) to make sure that all the fields necessary are -serialized. +serialized and also exclude all the fields not necessary to be serialized (relations). Comparing Users Manually with EquatableInterface ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From 6e7b827d77a83bb606dc644eae78e31b2c374406 Mon Sep 17 00:00:00 2001 From: Wouter de Jong Date: Thu, 21 Apr 2022 14:06:12 +0200 Subject: [PATCH 2/2] No longer mention a deprecated interface --- security.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/security.rst b/security.rst index e04a67e41a6..3db9857f17a 100644 --- a/security.rst +++ b/security.rst @@ -2503,9 +2503,10 @@ However, in some cases, this process can cause unexpected authentication problem If you're having problems authenticating, it could be that you *are* authenticating successfully, but you immediately lose authentication after the first redirect. -In that case, review the serialization logic (e.g. ``\Serializable`` interface) on -you user class (if you have any) to make sure that all the fields necessary are -serialized and also exclude all the fields not necessary to be serialized (relations). +In that case, review the serialization logic (e.g. the ``__serialize()`` or +``serialize()`` methods) on you user class (if you have any) to make sure +that all the fields necessary are serialized and also exclude all the +fields not necessary to be serialized (e.g. Doctrine relations). Comparing Users Manually with EquatableInterface ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~