Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
bug #18425 [Security] Fixed SwitchUserListener when exiting an impers…
…onation with AnonymousToken (lyrixx) This PR was merged into the 2.3 branch. Discussion ---------- [Security] Fixed SwitchUserListener when exiting an impersonation with AnonymousToken | Q | A | ------------- | --- | Branch? | 2.3 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - If you configure a firewall with switch user with `role: IS_AUTHENTICATED_ANONYMOUSLY` it's impossible to exit the impersonation because the next line `$this->provider->refreshUser($original->getUser())` will fail. It fails because `RefreshUser` expects an instance of `UserInterface` and here it's a string. Therefore, it does not make sense to refresh an Anonymous Token, right ? Commits ------- 59fea72 [Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken
- Loading branch information
Showing
2 changed files
with
50 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters