I'm extending the abstract class - so mention that. Also adding anony…

…mous You probably want anonymous, because without it, if you return null so that the listener does nothing, you'll get an exception from the AccessListener. This article is written more where you don't *force* auth in the authenticator, but then if a resource is protected, it of course requires it.
gregfriedrice · Nov 22, 2015 · 9e411fe · 9e411fe
1 parent ac107c7
commit 9e411fe
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/cookbook/security/guard-api-key.rst b/cookbook/security/guard-api-key.rst
@@ -20,8 +20,9 @@ A) Create the Guard Authenticator
 ---------------------------------
 
 Suppose you want to read an ``X-API-TOKEN`` header on each request and use
-that to authenticate the user. To do this, create a class that implements
-:class:`Symfony\\Component\\Security\\Guard\\\GuardAuthenticatorInterface`::
+that to authenticate the user. To do this, create a class that extends
+:class:`Symfony\\Component\\Security\\Guard\\AbstractGuardAuthenticator`
+(or which implements :class:`Symfony\\Component\\Security\\Guard\\GuardAuthenticatorInterface`)::
 
     // src/AppBundle/Security/TokenAuthenticator.php
     namespace AppBundle\Security;
@@ -199,6 +200,7 @@ and your new ``app.token_authenticator`` authenticator:
                     pattern: ^/
                     # set to false if you *do* want to store users in the session
                     stateless: true
+                    anonymous: true
                     guard:
                         authenticators:
                             - app.token_authenticator
@@ -218,6 +220,7 @@ and your new ``app.token_authenticator`` authenticator:
                 <firewall name="secured_area"
                     pattern="^/"
                     stateless="true"
+                    anonymous="true"
                 >
                     <guard>
                         <authenticator>apikey_authenticator</authenticator>
@@ -237,6 +240,7 @@ and your new ``app.token_authenticator`` authenticator:
                 'secured_area'       => array(
                     'pattern'        => '^/',
                     'stateless'      => true,
+                    'anonymous'      => true,
                     'simple_preauth' => array(
                         'authenticators'  => array(
                             'app.token_authenticator'