search

djoos / EscapeWSSEAuthenticationBundle

Symfony bundle to implement WSSE authentication
http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
137 stars 59 forks source link

WWW-Authentification header on 401 unauthorized #12

Closed newLoki closed 11 years ago

newLoki commented 11 years ago

Just added support to add the WWW-Authenticate header when the client is not authenticated. The header includes a realm and a profile string, both are configurable.

This feature is fully unit tested, so it can hopefully merged soon.

The header is important to tell the client, with which protocol is supported to authenticate.

djoos commented 11 years ago

Hi guys,

thanks for the commits and the PR...

Hmmm: 1) I'm not 100% sure whether it's a good idea though to publish a fork to Packagist, unless you would like to branch and maintain a separate WSSEAuthenticationBundle. 2) It looks like I'll have to cherry pick changes/commits in order to get only the right changes merged into our EscapeWSSEAuthenticationBundle.

I'll try to take a look at it tomorrow, ok? I hope we can get the original functionality of the PR (WWW-Authentification header on 401 unauthorized) merged in ASAP, have a great evening!

Kind regards, David

newLoki commented 11 years ago

Sorry for the packagist fork, I wasn't sure about your response time and we need this feature as soon as possible in our project, so I created a fork.

But the necessary comits are

and maybe you want also to pick 23430c3781f0d95869d4e9e20d8805dfc831abf3 to get the same idents in every file.

Best regards, Alberto

djoos commented 11 years ago

Hi @newLoki,

that's ok, just found it a bit weird to push a fork to Packagist as "Please do not submit forks of existing packages. If you need to test changes to a package that you forked please use VCS Repositories instead. If you feel that your fork merits being included in Packagist and you intend to maintain your fork long-term please feel free to submit it."

So, here's the solution: http://getcomposer.org/doc/05-repositories.md#vcs In this particular case I would suggest you to make the following changes: "repositories": [ { "type": "git", "url": "https://github.com/MayFlower/EscapeWSSEAuthenticationBundle" }, ], "require": { ... "escapestudios/wsse-authentication-bundle": "2.1.x-dev@dev", ... },

In this way you don't need to push your fork to Packagist and you can get going with your required changes to the bundle right-away. As soon as your changes are merged, you can take the repositories-entry in your composer.json.

Hope this helps!

Kind regards, David

djoos commented 11 years ago

Hi @newLoki,

I've revisted the changes you put in your PR and added them into the bundle; both in the v2.1.x-branch for Symfony2.1, and the upcoming v2.2.x (master) for Symfony2.2.

As part of these changes I've also cleaned up the indentation of this bundle, as you were absolutely right: it was a right mess and all tabs have now been replaced by spaces...

Hope this helps, don't hesitate to get in touch if you have any additional remarks or comments!

Kind regards, David