OroPlatform Forums

Covering OroPlatform topics, including community updates and company announcements.

Forums Forums OroPlatform OroPlatform – How do I? Questions Custom Form Password Authenticator

This topic contains 1 reply, has 1 voice, and was last updated by Stepan Yudin Stepan Yudin 5 years, 9 months ago.

Starting from March 1, 2020 the forum has been switched to the read-only mode. Please head to StackOverflow for support.

  • Creator
  • #36033
    Stepan Yudin
    Stepan Yudin

    Good day, everyone.

    I need to extend authentication mechanism for my needs.
    To do this i created [Custom Form Password Authenticator](http://symfony.com/doc/current/cookbook/security/custom_password_authenticator.html)

    1) I changed firewall settings:

    authenticator: my_authenticator
    csrf_provider: form.csrf_provider
    check_path: oro_user_security_check
    login_path: oro_user_security_login


    2) I created service for my_authenticator


    class: OQ\SecurityBundle\Security\MyAuthenticator
    – @oro_organization.organization_manager


    3) And here is the code of MyAuthenticator
    namespace OQ\SecurityBundle\Security;

    use Symfony\Component\Config\Definition\Exception\Exception;
    use Symfony\Component\HttpFoundation\Request;
    use Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface;
    use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
    use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
    use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
    use Symfony\Component\Security\Core\Exception\AuthenticationException;
    use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
    use Symfony\Component\Security\Core\User\UserProviderInterface;
    Use Oro\Bundle\SecurityBundle\Authentication\Token\UsernamePasswordOrganizationToken;
    use Oro\Bundle\OrganizationBundle\Entity\Manager\OrganizationManager;

    class MyAuthenticator implements SimpleFormAuthenticatorInterface
    /** @var OrganizationManager */
    protected $manager;

    public function __construct(OrganizationManager $manager)
    $this->manager = $manager;

    public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)

    // Here will be my special checks

    //Here i try to get username and force authentication

    try {
    $user = $userProvider->loadUserByUsername($token->getUsername());
    } catch (UsernameNotFoundException $e) {
    throw new AuthenticationException(‘This user not allowed’);

    // If everythin’ is ok – create a token
    if ($user) {
    return new UsernamePasswordOrganizationToken(
    } else {
    throw new AuthenticationException(‘Invalid username or password’);


    public function supportsToken(TokenInterface $token, $providerKey)
    return $token instanceof UsernamePasswordOrganizationToken
    && $token->getProviderKey() === $providerKey;

    public function createToken(Request $request, $username, $password, $providerKey)
    return new UsernamePasswordOrganizationToken($username, $password, $providerKey, $this->manager->getOrganizationById(1));

    When i try to authenticate user – nothing happens, im just redirecting to login page again and again
    Can you give me an advice – how to make t work?
    And one more question – how can i retrieve user’s organization in this authenticator class?

    Docker environment for Symfony2/OroCRM/OroBAP development on Windows platform

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)

The forum ‘OroPlatform – How do I? Questions’ is closed to new topics and replies.

You will be redirected to [title]. Would you like to continue?

Yes No