Reputation: 5957
How to set à priority for security Listeners?
I've a Sso authentication on my portal, which bypass the login form if a specific header is present into the request.
When I try to impersonnate a user, the Symfony's Context Listener find the user and load it into security context, then my Sso listener detect header and overwrite the token in the security token. So the impersonnating failed.
I've two idea but I don't know about feasibility:
- is there a way to configure a priority for these security listeners ?
- Is there a way to detect if an authenticated token is already set in security context from Firewall\ListernerInterface's handle method's event ?
Upvotes: 1
Views: 2368
Answers (1)
Reputation: 48883
Here is an example of listener which uses getSubscriedEvents to set priorities:
class ModelEventListener extends ContainerAware implements EventSubscriberInterface
{
const ControllerRoleEventListenerPriority = -1100;
const ControllerModelEventListenerPriority = -1900;
const ControllerFormEventListenerPriority = -1910;
const ViewEventListenerPriority = -1900;
public static function getSubscribedEvents()
{
return array(
KernelEvents::CONTROLLER => array(
array('onControllerRole', self::ControllerRoleEventListenerPriority),
array('onControllerModel', self::ControllerModelEventListenerPriority),
array('onControllerForm', self::ControllerFormEventListenerPriority),
),
KernelEvents::VIEW => array(
array('onView', self::ViewEventListenerPriority),
),
);
}
You can also set priority in your services.yml file: http://symfony.com/doc/current/cookbook/service_container/event_listener.html
services:
kernel.listener.your_listener_name:
class: AppBundle\EventListener\AcmeExceptionListener
tags:
-
name: kernel.event_listener
event: kernel.exception
method: onKernelException
priority: 666
Finally, here are the priorities of some of the framework services: http://symfony.com/doc/current/reference/dic_tags.html#kernel-event-listener
Not sure where the security listener priorities are documented. They must be around somewhere. You can always look in the security bundle.
Upvotes: 1
Related Questions
- Changing priority of a subscriber coming from a vendor's bundle
- How to control Doctrine Event subscriber priorities
- Symfony: listener priority in bundle
- Symfony: check user authorization inside event listener
- How to change event handler priority in Symfony 2
- Load a listener before the security or custom provider
- Symfony2 - How is the priority setting of a security voter used by the AccessDecisionManager?
- Symfony2 Two conflicted authentication listeners
- Security in Symfony2
- How to propely configure SecurityProvider in Silex?