New in Symfony 3.4: User impersonation improvements

User impersonation is a popular Symfony security feature that allows you to browse the application as if you were another user, for instance when you are debugging or trying to understand a bug a user sees that you can't reproduce. In Symfony 3.4 we improved this feature a bit to make it easier to debug.

Added the impersonator to the log context

Contributed by
Gregor Harlan
in #24026.

The well known security log message "User was reloaded from a user provider." includes the user provider and the username of the impersonated user in its context. In Symfony 3.4, to make things easier to debug, this context will also include the username of the impersonator user via the impersonator_username key.

Added impersonation details in the debug toolbar

Contributed by
Yonel Ceruto
in #23026.

In Symfony 3.4, the security panel of the Web Debug Toolbar will include more details when using impersonation. First, it will also show the username of the impersonator user. Second, it will include a link to exit from the impersonation:

Comments

Thank you Javier for all that helpful blog posts! :)
Thanks to all of you for reading them! I really enjoy highlighting the amazing features contributed by the community.
Login with SensioLabsConnect to post a comment