Bug #37377

Internal Request Engine needs to clear security context

Added by Aske Ertmann over 9 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Must have
Assignee:
-
Category:
Http
Start date:
2012-05-21
Due date:
% Done:

100%

Estimated time:
PHP Version:
5.3
Has patch:
No
Complexity:

Description

In order to get the security tokens matching the new request created in the internal request engine, the security context should be cleared using the "clearContext" method. This means that the tokens will be matched with the configuration from the routing based on the new request and not the parent request.

This breaks "TYPO3\TYPO3\Tests\Functional\Controller\Backend\BackendControllerSecurityTest::indexActionIsDeniedForEverybody", because it throws an uncaught exception in the AuthenticationProviderManager, since no tokens are available when trying to authenticate. The reason why there aren't any tokens is, that the tokens are separated active/inactive when initializing the security context. When clearing the context, the separate method is called again with the correct controller object names allowing request pattern matching.

#1

Updated by Gerrit Code Review over 9 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/11390

#2

Updated by Gerrit Code Review over 9 years ago

Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/11390

#3

Updated by Gerrit Code Review over 9 years ago

Patch set 3 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/11390

#4

Updated by Gerrit Code Review over 9 years ago

Patch set 4 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/11390

#5

Updated by Gerrit Code Review over 9 years ago

Patch set 5 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/11390

#6

Updated by Gerrit Code Review over 9 years ago

Patch set 6 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/11390

#7

Updated by Anonymous over 9 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
#8

Updated by Gerrit Code Review over 9 years ago

  • Status changed from Resolved to Under Review

Patch set 1 for branch FLOW3-1.1 has been pushed to the review server.
It is available at http://review.typo3.org/12115

#9

Updated by Anonymous over 9 years ago

  • Status changed from Under Review to Resolved

Also available in: Atom PDF