Closed
Closed
Copy link
Description
Symfony version(s) affected: 4.1.0
Description
Symfony 4.1.0 logs a request.CRITICAL whenever authentication is required.
[2018-06-14 20:52:10] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2018-06-14 20:52:10] request.CRITICAL: Uncaught PHP Exception Symfony\Component\Security\Core\Exception\AccessDeniedException: "Access Denied." at /Users/cjm/Sites/website-skeleton/vendor/symfony/security/Http/Firewall/AccessListener.php line 68 {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): Access Denied. at /Users/cjm/Sites/website-skeleton/vendor/symfony/security/Http/Firewall/AccessListener.php:68)"} []
[2018-06-14 20:52:10] security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): Access Denied. at /Users/cjm/Sites/website-skeleton/vendor/symfony/security/Http/Firewall/AccessListener.php:68)"} []
[2018-06-14 20:52:10] security.DEBUG: Calling Authentication entry point. [] []
This behavior is different than Symfony 3, which does not log the request.CRITICAL. It should be silenced because the exception is actually caught.
How to reproduce
- Follow part 1-a on https://symfony.com/doc/current/security.html to configure basic authentication. Observe the log file when the /admin route receives a GET request.
Possible Solution
Additional context