[Flow] Multiple tokens for an AuthenticationProvider
Anup Shukla
anup.shkl at gmail.com
Fri Dec 20 11:55:00 CET 2013
Hi,
Reading the documentation, an AuthenticationProvider can supply an array of Tokens that it can use via the getTokenClassNames() method.
I would assume that the security implementation will process each Token type as per the return value of this method.
However, looking at AuthenticationProviderManager#buildProvidersAndTokensFromConfiguration(), it 'breaks' after finding the first token. I ran into issues while trying to setup HTTP Basic authentication with the PersistedUsernamePasswordProvider.
Flow would never process the UsernamePasswordHttpBasic token and the user never gets authenticated. I had to explicitly specify this token in the configuration to get this working.
In short the following configuration does not work
TYPO3:
Flow:
security:
providers:
DefaultProvider:
provider: PersistedUsernamePasswordProvider
entryPoint: 'HttpBasic'
while the following works
TYPO3:
Flow:
security:
providers:
DefaultProvider:
provider: PersistedUsernamePasswordProvider
token: UsernamePasswordHttpBasic
entryPoint: 'HttpBasic'
NOTE: Also, as per the documentation the parameter should be "tokenClass"; which is incorrect, it is "token"
Is this the expected behaviour ?
How do I get Flow to process all tokens supported by an authentication provider ?
Thanks for the help.
Anup
More information about the Flow
mailing list