Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Security] [Bug] AuthenticationManager is never run by AnonymousAuthenticationListener #10651

Closed
@cakper

Description

@cakper

AnonymousAuthenticationProvider contains authenticate method that verifies wether populated AnonymousToken has the same key as current firewall, which is correct but never run.

To fix that we need in method AnonymousAuthenticationListener::handle add call to AuthenticationManager::authenticate and catch Exception that method may throw.

I've got a fix already and could send a PR if you think that's the right approach.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions