Issue with fallback on in_memory with http basic
Opened this issue · 5 comments
Hi guys,
I am working with your component and I have a specific necessity.
I want to use an SSO service with your package, but I also want to use the in_memory default symfony solution as a fallback.
I tried to use a chained provider and also tried to specify the fallback like this:
my_firewall:
pattern: ^/saml
security: true
light_saml_sp:
provider: my_saml_user_provider
user_creator: my_saml_user_factory
login_path: /login
check_path: /saml/login_check
always_use_default_target_path: true
default_target_path: /admin
require_previous_session: false
logout:
path: /logout
http_basic:
realm: "Access denied"
provider: in_memory
It doesn't work, I just continue being redirected to the login page. How can I make it trigger the in_memory provider as a fallback? Thanks
It's a general Symfony security question, and not directly related to lightsaml... but from the top of my head, you could try with custom entry point, or customer authentication handler... Maybe it would be better to ask for symfony support on it.
Hi @tmilos , thanks for the answer :) I posted here because I am getting this issue only when using this bundle and related provider :) I will keep you updated, in the meantime let me know if you have any ideas about that :) thanks
Could you post an example of working fallbacks, so I could debug and find what's different in this case?
Sure!
Here's what I've done:
Test 1 - Working
I used a chained provider with the default FOSUserBundle provider as chain first element, and the "in_memory" provider as second. I can post an example snippet if you want, but it's just a basic chain provider.
If I go to a route that is protected by the firewall, If I am logged with the FOSUserBundle User I can access to it without issues. Otherwise, the basic auth dialog is prompted.
Test 2 - Not Working
I used this bundle and the two ways I have to declare a fallback are not working.
Way 1: use the chained provider in the default config for the bundle, like this:
my_firewall:
pattern: ^/saml
security: true
light_saml_sp:
provider: my_chained_provider
user_creator: my_saml_user_factory
login_path: /login
check_path: /saml/login_check
always_use_default_target_path: true
default_target_path: /admin
require_previous_session: false
logout:
path: /logout
This is not working.
Way 2: the example I pasted up here. The symfony docs says that I can specify a fallback http basic auth in that way, by adding an "http_basic" element to the config. This is also not working.
As told before, I wrote here because I am experiencing this issue only with this bundle :(
Thanks
@francescomalatesta did you find a solution to this ? I have the same problem