Bug #33495

No alternative entry point type can be configured

Added by Robert Lemke over 9 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Should have
Assignee:
Category:
Security
Start date:
2012-01-27
Due date:
% Done:

100%

Estimated time:
PHP Version:
5.3
Has patch:
No
Complexity:

Description

Theoretically it is possible to use another type of entry point than the pre-configured WebRedirect. In practice, however, it is not possible to override the pre-defined type due to a bug in the corresponding parsing function in AuthenticationProviderManager.

While being on it, the setting names and structure could need some improvement to assert that only one entry point can be defined at all. The result should look like this:

providers:
DefaultProvider:
provider: 'PersistedUsernamePasswordProvider'
token: 'TYPO3\FLOW3\Security\Authentication\Token\UsernamePasswordHttpBasic'
entryPoint: 'HttpBasic'
entryPointOptions:
realm: 'Blog'

Also available in: Atom PDF