[Neos] Calling non-Neos controller gives security error
Mathias Bolt Lesniak, LiliO
mathias at lilio.com
Tue Feb 25 15:03:11 CET 2014
Thanks for the tip! It looks like the only problem with doing this as a module is that my Controller’s output is wrapped in Neos’ module interface HTML when I call http://testdomain.local/neos/mymodule, so I can’t send plain JSON data ...
PS! There is indeed a hideInMenu property for modules. :-)
Mathias Bolt Lesniak
LiliO - www.lilio.no
mathias at lilio.com
+47 473 28 734
Alle priser er eks. mva. når ikke annet er oppgitt.
Alle oppdrag forholder seg til standard tjenesteavtale:
On 25. feb. 2014, at 13:31, Christian Loock <brainshack at gmail.com> wrote:
> I think you definitly need to add Policies for your controller, since
> missing policies would be interpreted as abstained, which would cause an
> Just add ACL for your controller in your Policy.yaml for the
> Typo3.Neos:Editor Role.
> As to the other part of the question:
> You usually won't need to add your own routes. You can just set up your
> module like in this tutorial:
> However, this will also display your module in the menu, but there might be
> a config setting to hide it there. Then you can just use Neos' ViewHelper
> to generate a link to your module. I'm not sure about the name of this
> viewhelper but you can easily look it up in your Neos installation under
> Packages/Application/Typo3.Neos/Class/Typo3/Neos/ViewHelpers i think. (Not
> sure since im at work and dont have a working copy at hand)
> 2014-02-25 12:55 GMT+01:00 Mathias Bolt Lesniak, LiliO Design <
> mathias at lilio.com>:
>> I'm trying to dynamically load data into an inspector SelectBox, by
>> modifying Neos' MasterPluginEditor.js file, but when I try to fetch data
>> from my own controller, I get a security error: "#1258721059: The security
>> context contained no tokens which could be authenticated."
>> On the PHP side, I have basically followed the steps in the chapter
>> "Creating a TYPO3 Neos plugin" of the Integrator Guide, which means I have
>> also added the Flow default routes to Configuration/Routes.yaml, so I
>> should be able to see the output from the controller when accessing
>> http://testdomain.local/mypackage/mycontroller/myaction. Instead I get
>> this security error.
>> What is the right way here? Should I A) add a policy or is there a way to
>> B) call the controller through some Neos API?
>> Option B is maybe the best, as it doesn't require adding the Flow default
>> routes to Configuration/Routes.yaml of every Neos implementation.
>> Any help would be much appreciated! :-)
>> Best wishes
>> Mathias Bolt Lesniak
>> LiliO - www.lilio.no
>> mathias at lilio.com
>> Neos mailing list
>> Neos at lists.typo3.org
> Neos mailing list
> Neos at lists.typo3.org
More information about the Neos