Need some help for the ccdn user security bundle
Replies: 2   Views: 1716  Subscribers: 0

Posted by reece · 13-10-2012 - 08:53

Edited by reece · 12-11-2012 - 02:44
You need to make sure you have set up your configuration correctly for it to work. Here is a configuration I use:

ccdn_user_security:
    route_referer:
        route_ignore_list:
            - { bundle: 'fosuserbundle', route: 'cc_user_security_login' }
            - { bundle: 'fosuserbundle', route: 'cc_user_security_check' }
            - { bundle: 'fosuserbundle', route: 'cc_user_security_logout' }
            - { bundle: 'fosuserbundle', route: 'cc_user_registration_register' }
            - { bundle: 'fosuserbundle', route: 'cc_user_registration_check_email' }
            - { bundle: 'fosuserbundle', route: 'cc_user_registration_confirm' }
            - { bundle: 'fosuserbundle', route: 'cc_user_registration_confirmed' }
            - { bundle: 'fosuserbundle', route: 'cc_user_resetting_request' }
            - { bundle: 'fosuserbundle', route: 'cc_user_resetting_send_email' }
            - { bundle: 'fosuserbundle', route: 'cc_user_resetting_check_email' }
            - { bundle: 'fosuserbundle', route: 'cc_user_resetting_reset' }
            - { bundle: 'fosuserbundle', route: 'cc_user_change_password' }
    login_shield:
        enable_shield: true
        block_for_minutes: 2
        limit_failed_login_attempts:
            before_recover_account: 5
            before_return_http_500: 10
        primary_login_route:
            name: cc_user_security_login
        recover_account_route:
            name: cc_user_resetting_request
        block_routes_when_denied:
            - cc_user_security_login
            - cc_user_security_check
            - cc_user_security_logout

1) The enable_shield must be set to 'true' to enable this feature.
2) The routes for the primary login and recover account page must be set for it to track the routes that need watching.
3) The routes you wish to block after too many failed login attempts must be set in order for the login and other pages to be blocked when the user is denied.

You will also need to enable your login handlers via app/config/security.yml like so:

security:
    firewalls:
        main:
            form_login:
                provider:       cc_userbundle
                login_path:     /login
                use_forward:    false
                check_path:     /login_check
                success_handler: ccdn_user_security.component.authentication.handler.login_success_handler
                failure_handler: ccdn_user_security.component.authentication.handler.login_failure_handler
                failure_path:   null
            logout:
                path:   /logout
                success_handler: ccdn_user_security.component.authentication.handler.logout_success_handler

This allows cc_user bundle to make use of the login handlers which are needed to track failed/successful login attempts. Other than that, just make sure you have the CCDNUser namespace in your autoload.php and the CCDNUserSecurityBundle in your AppKernel.php.
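
Added example, not part of the post above and not code from CCDNUserSecurityBundle: a small Python model of how the login_shield values in that configuration could interact for a single client. It assumes failed logins are counted per client IP inside a sliding window of block_for_minutes; the class name, method names and sample IP addresses are hypothetical.

```python
from collections import defaultdict, deque

# Values copied from the login_shield section of the configuration in the post.
SHIELD = {
    "enable_shield": True,
    "block_for_minutes": 2,
    "before_recover_account": 5,
    "before_return_http_500": 10,
    "recover_account_route": "cc_user_resetting_request",
    "block_routes_when_denied": {
        "cc_user_security_login",
        "cc_user_security_check",
        "cc_user_security_logout",
    },
}


class LoginShieldModel:
    """Assumed model: failures are counted per client IP in a sliding window."""

    def __init__(self, cfg):
        self.cfg = cfg
        self.window = cfg["block_for_minutes"] * 60  # seconds
        self.failures = defaultdict(deque)  # ip -> timestamps of failed logins

    def record_failure(self, ip, now):
        # The step a login failure handler would perform for each bad credential.
        self.failures[ip].append(now)

    def decide(self, ip, route, now):
        """Return 'allow', 'redirect:<route>' or 'http_500' for one request."""
        cfg = self.cfg
        # Only routes listed in block_routes_when_denied are ever blocked.
        if not cfg["enable_shield"] or route not in cfg["block_routes_when_denied"]:
            return "allow"
        recent = self.failures[ip]
        while recent and now - recent[0] >= self.window:
            recent.popleft()  # failures older than the block window expire
        if len(recent) >= cfg["before_return_http_500"]:
            return "http_500"
        if len(recent) >= cfg["before_recover_account"]:
            return "redirect:" + cfg["recover_account_route"]
        return "allow"
```

With the values from the post, the recover account route stays reachable in this model because it is not listed under block_routes_when_denied.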