Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

[2.2][Security] concurrent sessions #786

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 38 commits into from
Closed

[2.2][Security] concurrent sessions #786

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
c0b33f8
added listener, strategy, registry, configuration for concurrent sess…
May 4, 2011
0f3d7c4
added SessionLogoutHandler to setup of ConcurrentSessionListener
May 5, 2011
e9bcd84
removed uneeded interface
May 5, 2011
9f4a52d
Merge branch 'master' of https://github.com/symfony/symfony
May 5, 2011
507befa
removed security.authentication.session_registry_storage service from…
May 5, 2011
5559ef8
removed unneeded methods
May 5, 2011
238606b
Merge branch 'master' of https://github.com/symfony/symfony
May 6, 2011
455197f
prepare Doctrine implementation of SessionRegistryStorage
May 17, 2011
a4eeae5
Merge branch 'master' of github.com:paschke/symfony
May 28, 2011
aadb2a7
default Doctrine implementation of SessionInformation
Jun 2, 2011
5b5edd8
Merge branch 'master' of https://github.com/symfony/symfony
Jun 2, 2011
33d83b4
removed SessionInformationIterator class
Jun 2, 2011
624b01f
forgot query condition
Jun 2, 2011
7032534
Merge branch 'master' of github.com:symfony/symfony
Dec 15, 2011
bc182f9
added DBAL default implementation of Symfony\Component\Security\Http\…
Dec 22, 2011
d0c826a
recreate SessionInformation if they were lost from the registry
Dec 22, 2011
c9f08a4
minor fixes
Dec 22, 2011
13813da
added listener, strategy, registry, configuration for concurrent sess…
May 4, 2011
8ef6923
added SessionLogoutHandler to setup of ConcurrentSessionListener
May 5, 2011
f4f0a8c
removed uneeded interface
May 5, 2011
e11a540
removed security.authentication.session_registry_storage service from…
May 5, 2011
a3d0a59
removed unneeded methods
May 5, 2011
c800408
prepare Doctrine implementation of SessionRegistryStorage
May 17, 2011
9c8bd21
default Doctrine implementation of SessionInformation
Jun 2, 2011
2efbf11
removed SessionInformationIterator class
Jun 2, 2011
3cb882c
forgot query condition
Jun 2, 2011
0aa9353
added DBAL default implementation of Symfony\Component\Security\Http\…
Dec 22, 2011
ff2122b
recreate SessionInformation if they were lost from the registry
Dec 22, 2011
efc783b
minor fixes
Dec 22, 2011
d302e37
Merge branch 'master' of http://github.com/paschke/symfony
Dec 23, 2011
bed28d2
moved DBAL implemention of SessionInformation to /Bridge
Dec 23, 2011
29e2f27
Merge branch 'master' of git://github.com/symfony/symfony
Jan 3, 2012
7a0f46a
use HttpUtils in ConcurrentSessionListener
Jan 4, 2012
ac7a1d6
removed @return void comments
Apr 8, 2012
b24a364
Merge branch 'master' of git://github.com/symfony/symfony
Apr 8, 2012
f7dfb3f
reacting to comments on PR 786
Apr 9, 2012
3cef9bb
reuse the instance level loader n src/Symfony/Bundle/SecurityBundle/D…
Apr 9, 2012
d567980
passing sessionStrategy into authenticationListenerFactories individu…
Apr 9, 2012
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
added DBAL default implementation of Symfony\Component\Security\Http\… 
…Session\SessionRegistryStorageInterface
  • Loading branch information
Stefan Paschke committed Dec 22, 2011
commit bc182f9c0670a9e262f3e8e8d3814cd7f58dc65f
31 changes: 24 additions & 7 deletions 31 src/Symfony/Bundle/SecurityBundle/Command/InitConcurrentSessionsCommand.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,18 +11,17 @@

namespace Symfony\Bundle\SecurityBundle\Command;

use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
use Symfony\Component\Security\Http\Session\Dbal\Schema;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Output\Output;
use Doctrine\ORM\Tools\Console\Command\SchemaTool\CreateCommand;
use Symfony\Bundle\DoctrineBundle\Command\Proxy\DoctrineCommandHelper;

/**
* Installs the database schema required by the concurrent session Doctrine implementation
*
* @author Stefan Paschke <stefan.paschke@gmail.com>
*/
class InitConcurrentSessionsCommand extends CreateCommand
class InitConcurrentSessionsCommand extends ContainerAwareCommand
{
/**
* @see Command
Expand All @@ -33,7 +32,7 @@ protected function configure()

$this
->setName('init:concurrent-session')
->setDescription('Executes the SQL needed to generate the database schema reqired by the concurrent sessions feature.')
->setDescription('Executes the SQL needed to generate the database schema required by the concurrent sessions feature.')
->setHelp(<<<EOT
The <info>init:concurrent-session</info> command executes the SQL needed to
generate the database schema required by the concurrent session Doctrine implementation:
Expand All @@ -52,8 +51,26 @@ protected function configure()
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
DoctrineCommandHelper::setApplicationEntityManager($this->getApplication(), 'security');
$connection = $this->getContainer()->get('security.session_registry.dbal.connection');
$sm = $connection->getSchemaManager();
$tableNames = $sm->listTableNames();
$tables = array(
'session_information_table_name' => $this->getContainer()->getParameter('security.session_registry.dbal.session_information_table_name'),
);

foreach ($tables as $table) {
if (in_array($table, $tableNames, true)) {
$output->writeln(sprintf('The table "%s" already exists. Aborting.', $table));

return;
}
}

$schema = new Schema($tables);
foreach ($schema->toSql($connection->getDatabasePlatform()) as $sql) {
$connection->exec($sql);
}

parent::execute($input, $output);
$output->writeln('concurrent session tables have been initialized successfully.');
}
}
20 changes: 20 additions & 0 deletions 20 src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,10 +79,30 @@ public function getConfigTreeBuilder()
$this->addFirewallsSection($rootNode, $this->factories);
$this->addAccessControlSection($rootNode);
$this->addRoleHierarchySection($rootNode);
$this->addSessionRegistrySection($rootNode);

return $tb;
}

private function addSessionRegistrySection(ArrayNodeDefinition $rootNode)
{
$rootNode
->children()
->arrayNode('session_registry')
->children()
->scalarNode('connection')->end()
->arrayNode('tables')
->addDefaultsIfNotSet()
->children()
->scalarNode('session_information')->defaultValue('cs_session_information')->end()
->end()
->end()
->end()
->end()
->end()
;
}

private function addAclSection(ArrayNodeDefinition $rootNode)
{
$rootNode
Expand Down
29 changes: 29 additions & 0 deletions 29 src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,10 @@ public function load(array $configs, ContainerBuilder $container)
$loader->load('templating_twig.xml');
$loader->load('collectors.xml');

if (isset($config['session_registry'])) {
$this->sessionRegistryLoad($config['session_registry'], $container);
}

// set some global scalars
$container->setParameter('security.access.denied_url', $config['access_denied_url']);
$container->setParameter('security.authentication.manager.erase_credentials', $config['erase_credentials']);
Expand Down Expand Up @@ -158,6 +162,31 @@ private function configureDbalAclProvider(array $config, ContainerBuilder $conta
$container->setParameter('security.acl.dbal.sid_table_name', $config['tables']['security_identity']);
}

private function sessionRegistryLoad($config, ContainerBuilder $container)
{
$loader = new XmlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you should pass the loader to the method instead of creating a new one

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

$loader->load('security_session_registry.xml');

if (isset($config['session_registry_storage'])) {
// FIXME: define custom session registry storage

return;
}

$this->configureDbalSessionRegistryStorage($config, $container, $loader);
}

private function configureDbalSessionRegistryStorage($config, ContainerBuilder $container, $loader)
{
$loader->load('security_session_registry_dbal.xml');

if (isset($config['connection'])) {
$container->setAlias('security.session_registry.dbal.connection', sprintf('doctrine.dbal.%s_connection', $config['connection']));
}

$container->setParameter('security.session_registry.dbal.session_information_table_name', $config['tables']['session_information']);
}

/**
* Loads the web configuration.
*
Expand Down
55 changes: 0 additions & 55 deletions 55 src/Symfony/Bundle/SecurityBundle/Doctrine/DoctrineSessionInformation.php
View file
Open in desktop

This file was deleted.

84 changes: 0 additions & 84 deletions 84 src/Symfony/Bundle/SecurityBundle/Doctrine/DoctrineSessionRegistryStorage.php
View file
Open in desktop

This file was deleted.

19 changes: 0 additions & 19 deletions 19 src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,6 @@
<parameter key="security.authentication.manager.class">Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager</parameter>

<parameter key="security.authentication.session_strategy.class">Symfony\Component\Security\Http\Session\SessionAuthenticationStrategy</parameter>
<parameter key="security.authentication.concurrent_session_strategy.class">Symfony\Component\Security\Http\Session\ConcurrentSessionControlStrategy</parameter>
<parameter key="security.authentication.session_registry.class">Symfony\Component\Security\Http\Session\SessionRegistry</parameter>
<parameter key="security.authentication.session_registry_storage.class">Symfony\Bundle\SecurityBundle\Doctrine\DoctrineSessionRegistryStorage</parameter>
<parameter key="security.authentication.session_information.class">Symfony\Bundle\SecurityBundle\Doctrine\DoctrineSessionInformation</parameter>

<parameter key="security.access.decision_manager.class">Symfony\Component\Security\Core\Authorization\AccessDecisionManager</parameter>

Expand Down Expand Up @@ -72,21 +68,6 @@
<argument>%security.authentication.session_strategy.strategy%</argument>
</service>

<service id="security.authentication.concurrent_session_strategy" class="%security.authentication.concurrent_session_strategy.class%" public="false">
<argument type="service" id="security.authentication.session_registry" />
<argument /> <!-- maximum Sessions -->
<argument /> <!-- Strategy -->
</service>

<service id="security.authentication.session_registry" class="%security.authentication.session_registry.class%" public="false">
<argument type="service" id="security.authentication.session_registry_storage" />
<argument>%security.authentication.session_information.class%</argument>
</service>

<service id="security.authentication.session_registry_storage" class="%security.authentication.session_registry_storage.class%" public="true">
<argument type="service" id="doctrine.orm.security_entity_manager" />
</service>

<service id="security.encoder_factory.generic" class="%security.encoder_factory.generic.class%" public="false">
<argument type="collection"></argument>
</service>
Expand Down
25 changes: 25 additions & 0 deletions 25 src/Symfony/Bundle/SecurityBundle/Resources/config/security_session_registry.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?>

<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

<parameters>
<parameter key="security.authentication.concurrent_session_strategy.class">Symfony\Component\Security\Http\Session\ConcurrentSessionControlStrategy</parameter>
<parameter key="security.authentication.session_registry.class">Symfony\Component\Security\Http\Session\SessionRegistry</parameter>
<parameter key="security.authentication.session_information.class">Symfony\Component\Security\Http\Session\SessionInformation</parameter>
</parameters>

<services>
<service id="security.authentication.concurrent_session_strategy" class="%security.authentication.concurrent_session_strategy.class%" public="false">
<argument type="service" id="security.authentication.session_registry" />
<argument /> <!-- maximum Sessions -->
<argument /> <!-- Strategy -->
</service>

<service id="security.authentication.session_registry" class="%security.authentication.session_registry.class%" public="false">
<argument type="service" id="security.authentication.session_registry_storage" />
<argument>%security.authentication.session_information.class%</argument>
</service>
</services>
</container>
25 changes: 25 additions & 0 deletions 25 src/Symfony/Bundle/SecurityBundle/Resources/config/security_session_registry_dbal.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?>

<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

<parameters>
<parameter key="security.authentication.session_registry_storage.class">Symfony\Component\Security\Http\Session\Dbal\SessionRegistryStorage</parameter>
<parameter key="security.authentication.session_information.class">Symfony\Component\Security\Http\Session\Dbal\DbalSessionInformation</parameter>
</parameters>

<services>
<service id="security.session_registry.dbal.connection" alias="database_connection" />


<service id="security.authentication.session_registry_storage" class="%security.authentication.session_registry_storage.class%" public="true">
<argument type="service" id="security.session_registry.dbal.connection" />
<argument type="collection">
<argument key="session_information_table_name">%security.session_registry.dbal.session_information_table_name%</argument>
<argument key="session_information_class_name">%security.authentication.session_information.class%</argument>
</argument>
</service>

</services>
</container>
37 changes: 37 additions & 0 deletions 37 src/Symfony/Component/Security/Http/Session/Dbal/DbalSessionInformation.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
<?php

/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien.potencier@symfony-project.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/

namespace Symfony\Component\Security\Http\Session\Dbal;

use Symfony\Component\Security\Http\Session\SessionInformation;

/**
* DbalSessionInformation.
*
* Allows to persist SessionInformation using Doctrine DBAL.
*
* @author Stefan Paschke <stefan.paschke@gmail.com>
*/
class DbalSessionInformation extends SessionInformation
{
public function __construct($sessionId, $username, \DateTime $lastRequest = null, \DateTime $expired = null)
{
parent::__construct($sessionId, $username);

if (null !== $lastRequest) {
$this->setLastRequest($lastRequest);
}

if (null !== $expired) {
$this->setExpired($expired);
}
}
}
Loading
Morty Proxy This is a proxified and sanitized view of the page, visit original site.