1

I'm using Symfony Security with a custom User Provider in my system. It provide users via a web service.
I configure the provider according to this tutorial (http://symfony.com/doc/current/cookbook/security/custom_provider.html).

Here is the function which check the user:

public function loadUserByUsername($username)
{
    $userData = webServiceCheckUser($username);
    // return an array whit user credentials
    if ($userData) {
        $password = $userData['password'];
        $salt = $userData['salt'];
        $roles = $userData['roles'];
        $user = new WebserviceUser($username, $password, $salt, $roles);
        return $user;
    }
    throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
}

This works fine, the function webServiceCheckUser() call a web service with the username and then it return an array with user data. But now I need to check the user through another web service that requires the username and encrypted password of the user to authenticate him. I have a function that encrypts the plain text password like the web service is waiting, but I can't get the password that was typed by the user in the form login within the custom user provider class. It is ok too if I could get the password already encrypted. Either one solve the problem.

There is anyway to do this?

Improve this question
1

1 Answer 1

Reset to default
2

@Pazi is correct in that building your own custom authentication provider will work. However, it's not an easy task.

An alternative approach is to override DaoAuthenticationProvider and have it pass the password to the loadUser function. 

security_listeners.xml:        
    <parameter key="security.authentication.provider.dao.class">
      Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider
    </parameter>

Bit of a hack perhaps but it saves a good deal of work.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I see. But this still so complicated to me because I'm beginner in Symphony. Do you have a link with some example?
Nope. Security is one of the hardest things to understand. If you need to use an external provider then you will just have to buckle down and understand how the system works.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.