Server : Apache System : Linux host44.registrar-servers.com 4.18.0-513.18.1.lve.2.el8.x86_64 #1 SMP Sat Mar 30 15:36:11 UTC 2024 x86_64 User : vapecompany ( 2719) PHP Version : 7.4.33 Disable Function : NONE Directory : /opt/alt/php53/usr/share/doc/pear/Security/Symfony/Component/Security/ |
Upload File : |
CHANGELOG ========= 2.4.0 ----- * The switch user listener now preserves the query string when switching a user * The remember-me cookie hashes now use HMAC, which means that current cookies will be invalidated * added simpler customization options * structured component into three sub-components Acl, Core and Http * added Csrf sub-component * changed Http sub-component to depend on Csrf sub-component instead of the Form component 2.3.0 ----- * [BC BREAK] the BCrypt encoder constructor signature has changed (the first argument was removed) To use the BCrypt encoder, you now need PHP 5.5 or "ircmaxell/password-compat" as a composer dependency * [BC BREAK] return 401 instead of 500 when using use_forward during for form authentication * added a `require_previous_session` option to `AbstractAuthenticationListener` 2.2.0 ----- * `Symfony\Component\Security\Http\Firewall` and `Symfony\Component\Security\Http\RememberMe\ResponseListener` now implements EventSubscriberInterface * added secure random number generator * added PBKDF2 Password encoder * added BCrypt password encoder 2.1.0 ----- * [BC BREAK] The signature of ExceptionListener has changed * changed the HttpUtils constructor signature to take a UrlGenerator and a UrlMatcher instead of a Router * EncoderFactoryInterface::getEncoder() can now also take a class name as an argument * allow switching to the user that is already impersonated * added support for the remember_me parameter in the query * added AccessMapInterface * [BC BREAK] moved user comparison logic out of UserInterface * made the logout path check configurable * after login, the user is now redirected to `default_target_path` if `use_referer` is true and the referrer is the `login_path`. * added a way to remove a token from a session * [BC BREAK] changed `MutableAclInterface::setParentAcl` to accept `null`, review your implementation to reflect this change. * `ObjectIdentity::fromDomainObject`, `UserSecurityIdentity::fromAccount` and `UserSecurityIdentity::fromToken` now return correct identities for proxies objects (e.g. Doctrine proxies) * [BC BREAK] moved the default authentication success and failure handling to separate classes. The order of arguments in the constructor of the `AbstractAuthenticationListener` has changed. * [BC BREAK] moved the default logout success handling to a separate class. The order of arguments in the constructor of `LogoutListener` has changed. * [BC BREAK] The constructor of `AuthenticationException` and all child classes now matches the constructor of `\Exception`. The extra information getters and setters are removed. There are now dedicated getters/setters for token (`AuthenticationException'), user (`AccountStatusException`) and username (`UsernameNotFoundException`).