Switch user and parameter always_authenticate_before_granting #8974

Closed
Cinal opened this issue Sep 10, 2013 · 1 comment

Cinal commented Sep 10, 2013

Hi,

I need to update a user's security group without logging him out, to see the changes, so I set the parameter "always_authenticate_before_granting: true" in security.xml. This is working as expected, but unfortunately I have a problem with switching users. When I switch to another user with role ROLE_ALLOWED_TO_SWITCH and gain all roles assigned to that user, I have no extra role: ROLE_PREVIOUS_ADMIN and cannot go back to the previous role.

Any help appreciated.

Marcin

@henrikbjorn
Contributor

You should ask on the mailing list

@fabpot fabpot closed this as completed Sep 10, 2013
fabpot added a commit that referenced this issue Dec 29, 2013
…le. (pawaclawczyk)

This PR was squashed before being merged into the 2.3 branch (closes #8997).

Discussion
----------

[Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.

<table>
  <tr>
    <td><b>Q</b></td>
    <td><b>A</b></td>
  </tr>
  <tr>
    <td>Bug fix?</td>
    <td>yes</td>
  </tr>
  <tr>
    <td>New feature</td>
    <td>no</td>
  </tr>
  <tr>
    <td>BC breaks?</td>
    <td>no</td>
  </tr>
  <tr>
    <td>Deprecations?</td>
    <td>no</td>
  </tr>
  <tr>
    <td>Tests pass?</td>
    <td>yes</td>
  </tr>
  <tr>
    <td>Fixed tickets</td>
    <td>#3085, #8974</td>
  </tr>
  <tr>
    <td>License</td>
    <td>MIT</td>
  </tr>
  <tr>
    <td>Doc PR</td>
    <td>n/a</td>
  </tr>
</table>

The problem occurs while a user is impersonated. The authentication process generates a new token and does not preserve the role `ROLE_PREVIOUS_ADMIN`, e.g. when the parameter `security.always_authenticate_before_granting` is enabled.

Commits
-------

a7baa3b [Security] Fixed problem with losing ROLE_PREVIOUS_ADMIN role.
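
The behaviour described in the commit message above, as a simplified stand-alone PHP model added here; it is not Symfony's code and not the patch from a7baa3b. `Token`, `STORED_ROLES`, both `reauthenticate*` functions and the `original` link are hypothetical, and the sample users are constructed.

```php
<?php
// Simplified model, not Symfony's code: Token, STORED_ROLES and both
// reauthenticate*() functions are hypothetical names for this illustration.
final class Token
{
    /** @param string[] $roles */
    public function __construct(
        public string $username,
        public array $roles,
        public ?Token $original = null // admin's token, set while impersonating
    ) {}
}

// Constructed sample data: roles as a user provider would load them now.
const STORED_ROLES = ['alice' => ['ROLE_USER', 'ROLE_EDITOR']];

// Lossy variant: the new token is built from the stored roles only, so the
// impersonation marker and the link to the admin's token are dropped.
function reauthenticateLossy(Token $current): Token
{
    return new Token($current->username, STORED_ROLES[$current->username]);
}

// Preserving variant: stored roles are still refreshed, but the marker role
// and the original token are carried over from the token being replaced.
function reauthenticatePreserving(Token $current): Token
{
    $roles = STORED_ROLES[$current->username];
    if (in_array('ROLE_PREVIOUS_ADMIN', $current->roles, true)) {
        $roles[] = 'ROLE_PREVIOUS_ADMIN';
    }
    return new Token($current->username, $roles, $current->original);
}

$admin = new Token('admin', ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH']);
// Token held right after switching to alice; her group change is not yet visible.
$impersonating = new Token('alice', ['ROLE_USER', 'ROLE_PREVIOUS_ADMIN'], $admin);

// Re-authenticate the same impersonation token both ways and compare.
foreach (['reauthenticateLossy', 'reauthenticatePreserving'] as $fn) {
    $t = $fn($impersonating);
    printf("%-26s roles=%s can_exit=%s\n", $fn, implode(',', $t->roles),
        $t->original !== null ? 'yes' : 'no');
}
```

Both variants pick up the refreshed `ROLE_EDITOR`; only the preserving one keeps `ROLE_PREVIOUS_ADMIN` and the way back to the admin's token.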