Security

Question 1

What are the root elements of security configuration?

Answer 1

access_denied_url
session_fixation_strategy
hide_user_not_found
always_authenticate_before_granting
erase_credentials
access_decision_manager
encoders
providers
firewalls
access_control
role_hierarchy

Question 2

What are allowed session fixation strategies?

Answer 2

none
migrate
invalidate

Question 3

What are possible voter strategies?

Answer 3

affirmative
consensus
unanimous

Question 4

What methods does Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface define?

Answer 4

isAnonymous(TokenInterface $token = null)
isRememberMe(TokenInterface $token = null)
isFullFledged(TokenInterface $token = null)

Question 5

What methods does Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface define?

Answer 5

isGranted($attribute, $subject = null);

Question 6

What is the default access decision strategy?

Answer 6

affirmative

Question 7

What methods does Symfony\Component\Security\Core\Authorization\Voter\VoterInterface define?

Answer 7

vote(TokenInterface $token, $subject, array $attributes);

Question 8

What methods does Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface define?

Answer 8

decide(TokenInterface $token, array $attributes, $object = null);

Question 9

What are possible configuration keys under security.access_decision_manager branch?

Answer 9

service
strategy
allow_if_all_abstain
allow_if_equal_granted_denied

Question 10

What are available configuration values for security encoders?

Answer 10

algorithm
migrate_from
hash_algorithm
key_length
ignore_case
encode_as_base64
iterations
cost
memory_cost
time_cost
id

Question 11

What is the recommended Symfony password hashing algorythm?

Answer 11

Sodium