Received: by 10.224.111.140 with SMTP id s12mr5481179qap.5.1351673615126;
Wed, 31 Oct 2012 01:53:35 -0700 (PDT)
X-BeenThere: symfony2@googlegroups.com
Received: by 10.224.186.211 with SMTP id ct19ls2229655qab.8.gmail; Wed, 31 Oct
2012 01:53:30 -0700 (PDT)
Received: by 10.224.138.142 with SMTP id a14mr18517162qau.4.1351673610892;
Wed, 31 Oct 2012 01:53:30 -0700 (PDT)
Received: by 10.224.67.196 with SMTP id s4msqai;
Tue, 30 Oct 2012 12:24:32 -0700 (PDT)
Received: by 10.52.175.73 with SMTP id by9mr6341600vdc.1.1351625072314;
Tue, 30 Oct 2012 12:24:32 -0700 (PDT)
Date: Tue, 30 Oct 2012 12:24:31 -0700 (PDT)
From: kjg <karsten.john.ger...@googlemail.com>
To: symfony2@googlegroups.com
Message-Id: <1b4a52ac-6d73-4385-8e43-84e737b6a606@googlegroups.com>
Subject: Ajax and Security Firewalls
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_568_23114380.1351625071846"
------=_Part_568_23114380.1351625071846
Content-Type: multipart/alternative;
boundary="----=_Part_569_23738707.1351625071846"
------=_Part_569_23738707.1351625071846
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Hi There!
I have a problem and i dont really know how to solve it. Let me describe:
I have a controller that handles all my Ajax-Requests. The typical issue
with that is, that at some point the session times out or the user delete
the cookies.
With the next request the security forwards the request to the login page.
Config looks like this:
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
logout: true
anonymous: true
What i would need now is a way to send a HTTP 401 and not a 302 if some URL
like domain.com/ajax/* is called.
I tried using the kernel events like kernel.controller and all the others.
But unfortunately the redirect is already done when you receive these
events.
Does anyone have an idea how i can prevent the redirect or set up a
firewall that allways send a 401 for specific URLs?
Is there something like a firewall-event? Is there a complete overview of
all events anyway, that would be so nice!
Hope you can help me,
Cheers Karsten
------=_Part_569_23738707.1351625071846
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hi There!<br><br>I have a problem and i dont really know how to solve it. L=
et me describe:<br><br>I have a controller that handles all my Ajax-Request=
s. The typical issue with that is, that at some point the session times out=
or the user delete the cookies.<br>With the next request the security forw=
ards the request to the login page. Config looks like this:<br><br> &n=
bsp; firewalls:<br> main:<b=
r> patter=
n: ^/<br> =
form_login:<br>  =
; provider: fos_userbundle<br> &nb=
sp; =
csrf_provider: form.csrf_provider<br> &=
nbsp; logout: t=
rue<br> a=
nonymous: true<br><br><br>What i would need now is a way =
to send a HTTP 401 and not a 302 if some URL like domain.com/ajax/* is call=
ed.<br><br>I tried using the kernel events like kernel.controller and all t=
he others. But unfortunately the redirect is already done when you receive =
these events. <br><br>Does anyone have an idea how i can prevent the redire=
ct or set up a firewall that allways send a 401 for specific URLs?<br><br>I=
s there something like a firewall-event? Is there a complete overview of al=
l events anyway, that would be so nice!<br><br>Hope you can help me,<br>Che=
ers Karsten<br>
------=_Part_569_23738707.1351625071846--
------=_Part_568_23114380.1351625071846--
Message from discussion Ajax and Security Firewalls
| Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy |
| ©2013 Google |