Thanks to visit codestin.com
Credit goes to github.com

Skip to content

SwitchUserToken incompatible with always_authenticate_before_granting #32756

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dsentker opened this issue Jul 26, 2019 · 3 comments
Closed

SwitchUserToken incompatible with always_authenticate_before_granting #32756

dsentker opened this issue Jul 26, 2019 · 3 comments
Labels
Bug Security Status: Needs Review Status: Waiting feedback

Comments

@dsentker
Copy link

Symfony version(s) affected: 4.3

Description
If a user is impersonating another user, the Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken is created. But then, a Authentication Provider cannot be found for this token if the always_authenticate_before_granting configuration option is set to true. This is causing a redirect loop as printed in the logfile:

security.INFO: An AuthenticationException was thrown; redirecting to authentication entry point. [...] ProviderNotFoundException: No Authentication Provider found for token of class SwitchUserToken at [...]AuthenticationProviderManager.php:107)"

This exception is not thrown if always_authenticate_before_granting is removed from the security.yaml file.

How to reproduce

  1. Set always_authenticate_before_granting to true
  2. Impersonate a user
  3. Visit a URL that is behind a firewall

Possible Solution
I have no idea how to fix this. This issue #8974 is very similar to this one, but this is six years old.
@xabbuh
Copy link
Member

xabbuh commented Aug 8, 2020

Would the NullToken introduced in #37620 help here?

@xabbuh
Copy link
Member

xabbuh commented Oct 28, 2020

I am going to close here for now due to the lack of feedback. Please let us know when you have more information and we can consider to reopen.

@xabbuh xabbuh closed this as completed Oct 28, 2020
@ndoulgeridis
Copy link

ndoulgeridis commented Oct 17, 2021
edited
Loading

I have this same behavior on 5.3.7, any idea how to fix it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Security Status: Needs Review Status: Waiting feedback
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@javiereguiluz @dsentker @xabbuh @ndoulgeridis @carsonbot