Need some help for the ccdn user security bundle
Replies: 2   Views: 1828  Subscribers: 0

Posted by Leo · 12-10-2012 - 16:14


I'm trying to use your bundle CCDN User Security Bundle with symfony 2.0.16 for "Prevent brute force attacks being carried out by limiting number of login attempts" features and i have some difficulties.

I followed all the steps at but nothing happens  when i try to login with wrong login/password .

Perhaps it lacks some information in the doc ?

Can you help me please ?­

Posted by reece · 13-10-2012 - 08:53

Edited by reece · 12-11-2012 - 02:44
You need to make sure you have set up your configuration correctly for it to work. Here is a configuration i use:

            - { bundle: 'fosuserbundle', route: 'cc_user_security_login' }
            - { bundle: 'fosuserbundle', route: 'cc_user_security_check' }
            - { bundle: 'fosuserbundle', route: 'cc_user_security_logout' }
            - { bundle: 'fosuserbundle', route: 'cc_user_registration_register' }
            - { bundle: 'fosuserbundle', route: 'cc_user_registration_check_email' }
            - { bundle: 'fosuserbundle', route: 'cc_user_registration_confirm' }
            - { bundle: 'fosuserbundle', route: 'cc_user_registration_confirmed' }
            - { bundle: 'fosuserbundle', route: 'cc_user_resetting_request' }
            - { bundle: 'fosuserbundle', route: 'cc_user_resetting_send_email' }
            - { bundle: 'fosuserbundle', route: 'cc_user_resetting_check_email' }
            - { bundle: 'fosuserbundle', route: 'cc_user_resetting_reset' }
            - { bundle: 'fosuserbundle', route: 'cc_user_change_password' }
        enable_shield: true
        block_for_minutes: 2
            before_recover_account: 5
            before_return_http_500: 10
            name: cc_user_security_login
            name: cc_user_resetting_request
            - cc_user_security_login
            - cc_user_security_check
            - cc_user_security_logout­
1) The enable_shield must be set to 'true' to enable this feature. 2) The routes for the primary login and recover account page must be set for it to track the routes that need watching. 3) The routes you wish to block when too many failed login attempts must be set in order for the login and other pages to be blocked when user is denied. You will also need to enable your login handlers via app/config/security.yml like so: ­
                provider:       cc_userbundle
                login_path:     /login
                use_forward:    false
                check_path:     /login_check
                success_handler: ccdn_user_security.component.authentication.handler.login_success_handler
                failure_handler: ccdn_user_security.component.authentication.handler.login_failure_handler
                failure_path:   null
                path:   /logout
                success_handler: ccdn_user_security.component.authentication.handler.logout_success_handler­
This allows cc_user bundle to make use of the login handlers which are needed to track failed/successful login attempts. Other than that, just make sure you have the CCDNUser namespace in your autoload.php and the CCDNUserSecurityBundle in your AppKernel.php.­

Posted by admin · 15-06-2016 - 09:58

cbcc cv c cv cvbc vb 
cv b c­