I am trying to get my security stuff setup for symfony2 and I have it working so far, but now I need to do some more fancy things. I am currently using everything dealing with PreAuthentication (I use a third party component for logging in and session management). That part is working great in tandem with the JMS security bundle.
Now I am to the point when I want to catch the users that are throwing 403s so I can just forward them to the login page of the third party component that I am using. I think my best bet is to add an exception handler to the exception listener. I am looking at the AccessDeniedHandlerInterface.
- Is this the right direction for me to be going?
- How do I add this handler to the exception listener?
EDIT:
I ended up doing something similar. I created a service that is prompted on the kernel.exception event. services.yml looks like this:
services:
kernel.listener.accessDenied:
class: FullyQualifiedNamespacePathToClass
tags:
- { name: kernel.event_listener, event: kernel.exception, method: onAccessDeniedException }
and the class it self:
<?php
namespace FullyQualifiedNamespacePathTo;
use SymfonyComponentHttpKernelEventGetResponseForExceptionEvent,
SymfonyComponentHttpFoundationResponse,
SymfonyComponentSecurityCoreExceptionAccessDeniedException;
class Class
{
public function onAccessDeniedException(GetResponseForExceptionEvent $event)
{
$exception = $event->getException();
//Get the root cause of the exception.
while (null !== $exception->getPrevious()) {
$exception = $exception->getPrevious();
}
if ($exception instanceof AccessDeniedException) {
//Forward to third-party.
}
}
}
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
