/
security_services.yaml
77 lines (64 loc) · 2.63 KB
/
security_services.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
services:
_defaults:
autowire: true
autoconfigure: true
#
# SECURITY
#
# standard user provider returning admin users wrapped in a Pimcore\Bundle\AdminBundle\Security\User\User proxy object.
# using this user provider allows implementations to authenticate against pimcore users on every desired firewall
Pimcore\Bundle\AdminBundle\Security\User\UserProvider: ~
# the password encoder factory builds a dedicated encoder per user
# as we need the user instance to encode passwords. see pimcore.security.encoder_factories
# we don't specifiy this as fully qualified class name as there can be multiple factories (one for each user type)
pimcore_admin.security.password_encoder_factory:
class: Pimcore\Security\Encoder\Factory\UserAwareEncoderFactory
arguments:
- Pimcore\Bundle\AdminBundle\Security\Encoder\AdminPasswordEncoder
# guard implementation handling admin form login for the main admin firewall
Pimcore\Bundle\AdminBundle\Security\Guard\AdminAuthenticator:
public: false
arguments:
$httpUtils: '@security.http_utils'
calls:
- [setLogger, ['@logger']]
tags:
- { name: monolog.logger, channel: security }
Pimcore\Bundle\AdminBundle\Security\LogoutSuccessHandler:
public: false
arguments:
- '@security.token_storage'
- '@router'
- '@event_dispatcher'
calls:
- [setLogger, ['@logger']]
tags:
- { name: monolog.logger, channel: security }
Pimcore\Bundle\AdminBundle\Security\User\TokenStorageUserResolver:
public: true
arguments:
- '@security.token_storage'
Pimcore\Bundle\AdminBundle\Security\User\UserLoader: ~
Pimcore\Bundle\AdminBundle\Security\BruteforceProtectionHandler:
public: false
calls:
- [setLogger, ['@logger']]
tags:
- { name: monolog.logger, channel: security }
Pimcore\Bundle\AdminBundle\Security\CsrfProtectionHandler:
public: true
arguments:
- '%pimcore_admin.csrf_protection.excluded_routes%'
- '@twig'
calls:
- [setLogger, ['@logger']]
tags:
- { name: monolog.logger, channel: security }
Pimcore\Bundle\AdminBundle\Security\ContentSecurityPolicyHandler:
public: true
calls:
- [ setLogger, [ '@logger' ] ]
tags:
- { name: monolog.logger, channel: security }
# user checker checking admin users for validity
Pimcore\Bundle\AdminBundle\Security\User\UserChecker: ~