Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SecurityBundle] Set request stateless only if the attribute is not defined #49997

Merged
merged 1 commit into from
Apr 12, 2023
Merged

[SecurityBundle] Set request stateless only if the attribute is not defined #49997

merged 1 commit into from
Apr 12, 2023

Conversation

tucksaun
Copy link
Contributor

@tucksaun tucksaun commented Apr 11, 2023
edited

Q A
Branch? 6.3
Bug fix? yes-ish
New feature? no
Deprecations? no
Tickets #48044 (comment)
License MIT
Doc PR n/a

The current implementation makes sense for most cases but not for every case as one can have a stateless authentication but still requires sessions.
This PR allows setting the request as non-stateless while having a stateless firewall but keeping the new behavior by default.

@carsonbot carsonbot added this to the 6.3 milestone Apr 11, 2023
@nicolas-grekas
Copy link
Member

Thank you @tucksaun.

@nicolas-grekas nicolas-grekas merged commit 2d77238 into symfony:6.3 Apr 12, 2023
7 checks passed
@tucksaun tucksaun deleted the security/statefull-route-stateless-firewall branch April 12, 2023 11:15
@alamirault alamirault mentioned this pull request Apr 12, 2023
Merged
@alamirault
Copy link
Contributor

Thanks @tucksaun, I missed this case !

OskarStark added a commit to symfony/symfony-docs that referenced this pull request Apr 13, 2023
@OskarStark
minor #18195 Set request stateless only if the attribute is not defin…
7aad2a2 
…ed (alamirault)

This PR was squashed before being merged into the 6.3 branch.

Discussion
----------

Set request stateless only if the attribute is not defined

symfony/symfony#48044 added in 6.3 was updated in symfony/symfony#49997.

This PR ajust behavior documentation

Commits
-------

20ee4d7 Set request stateless only if the attribute is not defined
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wouterj wouterj Awaiting requested review from wouterj

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

Assignees
No one assigned
Labels
Bug SecurityBundle Status: Needs Review
Projects
None yet
Milestone
6.3
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tucksaun @nicolas-grekas @alamirault @carsonbot