Gracefully handle an aborted HTTP authentication browser login attempt in Symfony 2 application
I would like to gracefully handle an aborted HTTP login attempt in my SF2 application.
Currently, when I click the following anchor I get the standard browser HTTP authentication pop-up. However, if I click 'cancel' I get through to a blank /secret/landing.
How can I modify my security/firewall configuration to simply close the modal and remain on the same page?
<a href="/secret/landing/">Sign In</a>
My security.yml looks like this:
security:
providers:
in_memory:
memory:
users:
crmpiccosecret:
password: rfc1872
roles: 'ROLE_SECRET'
firewalls:
secret:
pattern: ^/secret/$
anonymous: true
secret_secured:
pattern: ^/secret/.*$
http_basic: ~
provider: in_memory
context: secret
access_control:
- { path: ^/secret, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/secret/.*, roles: ROLE_SECRET }
I found the desired behaviour can be achieved by changing the href to data-href, or something arbitrary:
<a data-href="/secret/landing/" class="btn btn--primary inline--block sign-in-button no--margin-b">Sign In</a>
and then making the request via AJAX. So, if it aborted then we stay on the same page but if it's successful then you are taken to that page by means of a JavaScript redirect.
This example is in CoffeeScript, because that is what I am using but the code is quite minimal and can be converted to JavaScript/jQuery as needed:
secretSignInButtonClickHandler: (e) =>
e.preventDefault()
href = $(e.currentTarget).attr('data-href')
$.ajax
url: href
success: (response) =>
document.location = href
Hope this helps someone.
- How do I read from parameters.yml in a controller in symfony2?
- Symfony-ux-live-component No matching "form" property or mount() argument was found
- Symfony ignores / does not override values by .env.local file
- Doctrine migrations: how to retrieve value right after insert
- How do I read configuration settings from Symfony2 config.yml?
- Validate enum type with [#Assert\Choice]
- Symfony web test case JSON
- How do I get the object id of an entity during the postRemove event?
- Cross Join to DQL
- Foreign Key Constraints does not work with Doctrine/Symfony and SQLite
- How to make a search query for Max and Min in Symfony4?
- Use an external repository with symfony4 trouble with autoload and parameters
- Why after upgrading to Symfony 4.4 I no longer get the error preview pages?
- entity/model property reserved for the image file upload is newer being set by the form system (result is always null - no errors)
- Overriding Controller in Symfony 4.4 (Decorates) - "You have requested a non-existent service"
- How can I implement a dotrine entity event listener
- return a custom status code in User Checker
- Where is correct place to authenticate users from multiple places?
- Using LexikJWTAuthenticationBundle with an LDAP Provider
- Redirect to "/" route in symfony
- How to start local server with symfony 5 or downgrade version to 4.4?
- Custom voter does not work as expected after migrating from Symfony 3.4 to Symfony 4.4
- LANG variable isn't overriden in testing environment
- symfony - getting logged out at form->handleRequest
- How to get the value of a key from the .env file?
- Symfony 4.4 metadata_cache_driver configuration key deprecation notice
- Add TINYINT to Doctrine SQL types
- Connection could not be established with host "ssl://null:465": stream_socket_client(): php_network_getaddresses: getaddrinfo failed
- Symfony 4 with translations, no route to / without _locale
- How to use `IntlDateFormatter` in Symfony?