[Security] Do not save the target path in the session for a stateless firewall

lyrixx · fabpot · commit 6ff8306c19b5 · 2015-07-26T20:14:09.000+02:00
diff --git a/DependencyInjection/SecurityExtension.php b/DependencyInjection/SecurityExtension.php
@@ -349,7 +349,7 @@ private function createFirewall(ContainerBuilder $container, $id, $firewall, &$a
         $listeners[] = new Reference('security.access_listener');
 
         // Exception listener
-        $exceptionListener = new Reference($this->createExceptionListener($container, $firewall, $id, $configuredEntryPoint ?: $defaultEntryPoint));
+        $exceptionListener = new Reference($this->createExceptionListener($container, $firewall, $id, $configuredEntryPoint ?: $defaultEntryPoint, $firewall['stateless']));
 
         return array($matcher, $listeners, $exceptionListener);
     }
@@ -534,12 +534,13 @@ private function getUserProviderId($name)
         return 'security.user.provider.concrete.'.$name;
     }
 
-    private function createExceptionListener($container, $config, $id, $defaultEntryPoint)
+    private function createExceptionListener($container, $config, $id, $defaultEntryPoint, $stateless)
     {
         $exceptionListenerId = 'security.exception_listener.'.$id;
         $listener = $container->setDefinition($exceptionListenerId, new DefinitionDecorator('security.exception_listener'));
         $listener->replaceArgument(3, $id);
         $listener->replaceArgument(4, null === $defaultEntryPoint ? null : new Reference($defaultEntryPoint));
+        $listener->replaceArgument(8, $stateless);
 
         // access denied handler setup
         if (isset($config['access_denied_handler'])) {
diff --git a/Resources/config/security_listeners.xml b/Resources/config/security_listeners.xml
@@ -186,6 +186,7 @@
             <argument>%security.access.denied_url%</argument>
             <argument type="service" id="security.access.denied_handler" on-invalid="null" />
             <argument type="service" id="logger" on-invalid="null" />
+            <argument>false</argument> <!-- Stateless -->
         </service>
 
         <service id="security.authentication.switchuser_listener" class="%security.authentication.switchuser_listener.class%" public="false" abstract="true">

Original file line number	Diff line number	Diff line change
`@@ -349,7 +349,7 @@ private function createFirewall(ContainerBuilder $container, $id, $firewall, &$a`
`349`	`349`	`$listeners[] = new Reference('security.access_listener');`
`350`	`350`
`351`	`351`	`// Exception listener`
`352`		`- $exceptionListener = new Reference($this->createExceptionListener($container, $firewall, $id, $configuredEntryPoint ?: $defaultEntryPoint));`
	`352`	`+ $exceptionListener = new Reference($this->createExceptionListener($container, $firewall, $id, $configuredEntryPoint ?: $defaultEntryPoint, $firewall['stateless']));`
`353`	`353`
`354`	`354`	`return array($matcher, $listeners, $exceptionListener);`
`355`	`355`	`}`
`@@ -534,12 +534,13 @@ private function getUserProviderId($name)`
`534`	`534`	`return 'security.user.provider.concrete.'.$name;`
`535`	`535`	`}`
`536`	`536`
`537`		`- private function createExceptionListener($container, $config, $id, $defaultEntryPoint)`
	`537`	`+ private function createExceptionListener($container, $config, $id, $defaultEntryPoint, $stateless)`
`538`	`538`	`{`
`539`	`539`	`$exceptionListenerId = 'security.exception_listener.'.$id;`
`540`	`540`	`$listener = $container->setDefinition($exceptionListenerId, new DefinitionDecorator('security.exception_listener'));`
`541`	`541`	`$listener->replaceArgument(3, $id);`
`542`	`542`	`$listener->replaceArgument(4, null === $defaultEntryPoint ? null : new Reference($defaultEntryPoint));`
	`543`	`+ $listener->replaceArgument(8, $stateless);`
`543`	`544`
`544`	`545`	`// access denied handler setup`
`545`	`546`	`if (isset($config['access_denied_handler'])) {`