[Neos] Calling non-Neos controller gives security error

Mathias Bolt Lesniak, LiliO mathias at lilio.com
Tue Feb 25 15:03:11 CET 2014

Hi Christian!

Thanks for the tip! It looks like the only problem with doing this as a module is that my Controller’s output is wrapped in Neos’ module interface HTML when I call http://testdomain.local/neos/mymodule, so I can’t send plain JSON data ...

PS! There is indeed a hideInMenu property for modules. :-)

Best wishes

Mathias Bolt Lesniak
LiliO - www.lilio.no
mathias at lilio.com
+47 473 28 734

Alle priser er eks. mva. når ikke annet er oppgitt.
Alle oppdrag forholder seg til standard tjenesteavtale:

On 25. feb. 2014, at 13:31, Christian Loock <brainshack at gmail.com> wrote:

> I think you definitly need to add Policies for your controller, since
> missing policies would be interpreted as abstained, which would cause an
> exception.
> Just add ACL for your controller in your Policy.yaml for the
> Typo3.Neos:Editor Role.
> As to the other part of the question:
> You usually won't need to add your own routes. You can just set up your
> module like in this tutorial:
> http://www.matthias-witte.net/how-to-create-a-backend-module-for-typo3-neos/2012/10/
> However, this will also display your module in the menu, but there might be
> a config setting to hide it there. Then you can just use Neos' ViewHelper
> to generate a link to your module. I'm not sure about the name of this
> viewhelper but you can easily look it up in your Neos installation under
> Packages/Application/Typo3.Neos/Class/Typo3/Neos/ViewHelpers i think. (Not
> sure since im at work and dont have a working copy at hand)
> H2H
> 2014-02-25 12:55 GMT+01:00 Mathias Bolt Lesniak, LiliO Design <
> mathias at lilio.com>:
>> Hi!
>> I'm trying to dynamically load data into an inspector SelectBox, by
>> modifying Neos' MasterPluginEditor.js file, but when I try to fetch data
>> from my own controller, I get a security error: "#1258721059: The security
>> context contained no tokens which could be authenticated."
>> On the PHP side, I have basically followed the steps in the chapter
>> "Creating a TYPO3 Neos plugin" of the Integrator Guide, which means I have
>> also added the Flow default routes to Configuration/Routes.yaml, so I
>> should be able to see the output from the controller when accessing
>> http://testdomain.local/mypackage/mycontroller/myaction. Instead I get
>> this security error.
>> What is the right way here? Should I A) add a policy or is there a way to
>> B) call the controller through some Neos API?
>> Option B is maybe the best, as it doesn't require adding the Flow default
>> routes to Configuration/Routes.yaml of every Neos implementation.
>> Any help would be much appreciated! :-)
>> Best wishes
>> Mathias Bolt Lesniak
>> LiliO - www.lilio.no
>> mathias at lilio.com
>> _______________________________________________
>> Neos mailing list
>> Neos at lists.typo3.org
>> http://lists.typo3.org/cgi-bin/mailman/listinfo/neos
> _______________________________________________
> Neos mailing list
> Neos at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/neos

More information about the Neos mailing list