Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-24017

Security token issue using legacy bridge

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: Engineering tracked issues
    • Fix Version/s: 2015.01, 5.3.5, 5.4.2
    • Component/s: Legacy bridge
    • Labels:
      None
    • Sprint:
      Pollux Platform S6

      Description

      When logged in both in frontend and backend, following exception is thrown :

      Cannot set this token to trusted after instantiation

      Stack trace:

      [1] LogicException: Cannot set this token to trusted after instantiation.
          at n/a
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php line 57
      
          at Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken->setAuthenticated(true)
              in /Users/lolautruche/workspace/ezsystems/LegacyBridge/bundle/EventListener/RequestListener.php line 79
      
          at eZ\Bundle\EzPublishLegacyBundle\EventListener\RequestListener->onKernelRequest(object(GetResponseEvent), 'kernel.request', object(TraceableEventDispatcher))
              in  line 
      
          at call_user_func(array(object(RequestListener), 'onKernelRequest'), object(GetResponseEvent), 'kernel.request', object(TraceableEventDispatcher))
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/WrappedListener.php line 61
      
          at Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke(object(GetResponseEvent), 'kernel.request', object(ContainerAwareEventDispatcher))
              in  line 
      
          at call_user_func(object(WrappedListener), object(GetResponseEvent), 'kernel.request', object(ContainerAwareEventDispatcher))
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/EventDispatcher.php line 164
      
          at Symfony\Component\EventDispatcher\EventDispatcher->doDispatch(array(object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener)), 'kernel.request', object(GetResponseEvent))
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/EventDispatcher.php line 53
      
          at Symfony\Component\EventDispatcher\EventDispatcher->dispatch('kernel.request', object(GetResponseEvent))
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/ContainerAwareEventDispatcher.php line 167
      
          at Symfony\Component\EventDispatcher\ContainerAwareEventDispatcher->dispatch('kernel.request', object(GetResponseEvent))
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/TraceableEventDispatcher.php line 112
      
          at Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch('kernel.request', object(GetResponseEvent))
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php line 126
      
          at Symfony\Component\HttpKernel\HttpKernel->handleRaw(object(Request), '1')
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php line 66
      
          at Symfony\Component\HttpKernel\HttpKernel->handle(object(Request), '1', true)
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/DependencyInjection/ContainerAwareHttpKernel.php line 64
      
          at Symfony\Component\HttpKernel\DependencyInjection\ContainerAwareHttpKernel->handle(object(Request), '1', true)
              in /Users/lolautruche/workspace/ezsystems/ezpublish/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/Kernel.php line 186
      
          at Symfony\Component\HttpKernel\Kernel->handle(object(Request))
              in /Users/lolautruche/workspace/ezsystems/ezpublish/web/index.php line 81
      

      This is a regression caused by fix for EZP-23953. Reason is that LegacySessionStorage does not inherit from NativeSessionStorage, and thus session name and other session options from siteaccess configuration are not passed to it any more.

      Steps to reproduce

      Using the same browser (different tabs), with siteaccesses on the same domain (e.g. using URIElement matching) :

      1. Log in to legacy admin with admin user
      2. Log in on frontend with a different user (ideally with a user which doesn't have login permission on admin interface, like subscriber)
      3. Go back on admin and refresh. The exception will occur.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              jerome.vieilledent-obsolete@ez.no Jérôme Vieilledent (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: