PHPackages escapestudios/wsse-authentication-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. escapestudios/wsse-authentication-bundle ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication) escapestudios/wsse-authentication-bundle ======================================== Symfony2 bundle to implement WSSE authentication 2.3.0(8y ago)1352.7M—8.5%56[1 issues](https://github.com/djoos/EscapeWSSEAuthenticationBundle/issues)[4 PRs](https://github.com/djoos/EscapeWSSEAuthenticationBundle/pulls)1MITPHPPHP >=5.3.9 Since Jun 9Pushed 7y ago7 watchersCompare [ Source](https://github.com/djoos/EscapeWSSEAuthenticationBundle)[ Packagist](https://packagist.org/packages/escapestudios/wsse-authentication-bundle)[ Docs](https://github.com/djoos/EscapeWSSEAuthenticationBundle)[ RSS](/packages/escapestudios-wsse-authentication-bundle/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (5)Versions (13)Used By (1) [![Build Status](https://camo.githubusercontent.com/a64d32a0849b6317e838b2f415f0662050c87e6bb87d2a0cd4adac1f161644b3/68747470733a2f2f7365637572652e7472617669732d63692e6f72672f646a6f6f732f4573636170655753534541757468656e7469636174696f6e42756e646c652e706e67)](http://travis-ci.org/djoos/EscapeWSSEAuthenticationBundle) Introduction ------------ [](#introduction) The EscapeWSSEAuthentication bundle is a simple and easy way to implement WSSE authentication in Symfony applications Installation ------------ [](#installation) `Command Line` ``` composer require escapestudios/wsse-authentication-bundle ``` `composer.json` ``` "require": { ... "escapestudios/wsse-authentication-bundle": "^2.2", ... } ``` `app/AppKernel.php` ``` public function registerBundles() { return array( //... new Escape\WSSEAuthenticationBundle\EscapeWSSEAuthenticationBundle(), //... ); ... ``` Commands -------- [](#commands) Delete expired nonces via the `escape:wsseauthentication:nonces:delete` command that ships with this bundle; it takes the firewall name as a (required) parameter. `php app/console --env=dev escape:wsseauthentication:nonces:delete wsse_secured` Quick usage example ------------------- [](#quick-usage-example) `app/config/security.yml` ``` firewalls: wsse_secured: pattern: ^/api/.* stateless: true wsse: realm: "Secured with WSSE" #identifies the set of resources to which the authentication information will apply (WWW-Authenticate) profile: "UsernameToken" #WSSE profile (WWW-Authenticate) ``` ...that's it! Your "wsse\_secured"-firewall is now secured via the (out-of-the-box) WSSE Authentication setup. You can now start calling your API endpoints: generate a X-WSSE header (Symfony\\Component\\Security\\Core\\Encoder\\MessageDigestPasswordEncoder) and add it to your request (cUrl). It is strongly recommended to have a read through the more advanced configuration below once you're up and running with the basics... Advanced configuration ---------------------- [](#advanced-configuration) ### Specify a custom token lifetime [](#specify-a-custom-token-lifetime) Default value: 300 `app/config/security.yml` ``` firewalls: wsse_secured: #... wsse: #... lifetime: 300 # or -1 for infinite lifetime tokens (please use with extreme care!) ``` ### Specify a custom date format [](#specify-a-custom-date-format) Default value: see regular expression below for ISO8601 ([check out](http://www.pelagodesign.com/blog/2009/05/20/iso-8601-date-validation-that-doesnt-suck/)) `app/config/security.yml` ``` firewalls: wsse_secured: #... wsse: #... date_format: '/^([\+-]?\d{4}(?!\d{2}\b))((-?)((0[1-9]|1[0-2])(\3([12]\d|0[1-9]|3[01]))?|W([0-4]\d|5[0-2])(-?[1-7])?|(00[1-9]|0[1-9]\d|[12]\d{2}|3([0-5]\d|6[1-6])))([T\s]((([01]\d|2[0-3])((:?)[0-5]\d)?|24\:?00)([\.,]\d+(?!:))?)?(\17[0-5]\d([\.,]\d+)?)?([zZ]|([\+-])([01]\d|2[0-3]):?([0-5]\d)?)?)?)?$/' ``` ### Specify a custom digest algorithm [](#specify-a-custom-digest-algorithm) Default value: base 64-encoded sha1 with 1 iteration ⚠️ Please change the digest algorithm to a stronger one, like bcrypt ⚠️ `app/config/security.yml` ``` firewalls: wsse_secured: #... wsse: #... encoder: #digest algorithm algorithm: sha1 encodeHashAsBase64: true iterations: 1 ``` ### Specify a custom nonce cache [](#specify-a-custom-nonce-cache) Default value: Doctrine\\Common\\Cache\\PhpFileCache in %kernel.cache\_dir%/security/nonces `app/config/security.yml` ``` services: #... cache_nonces: class: Doctrine\Common\Cache\PhpFileCache arguments: [%kernel.cache_dir%/security/nonces] ``` `app/config/security.yml` ``` firewalls: wsse_secured: #... wsse: #... nonce_cache_service_id: cache_nonces ``` ### Use multiple providers [](#use-multiple-providers) `app/config/security.yml` ``` providers: provider_one: #... provider_two: #... firewalls: wsse_secured_by_provider_one: provider: provider_one wsse: #... wsse_secured_by_provider_two: provider: provider_two wsse: #... ``` ### Make use of a specific user provider on a firewall with WSSE as one of multiple authentication mechanisms [](#make-use-of-a-specific-user-provider-on-a-firewall-with-wsse-as-one-of-multiple-authentication-mechanisms) `app/config/security.yml` ``` providers: users: #... wsse_users: memory: users: - { name: 'someuser', password: 'somesecret' } firewalls: secured: provider: users wsse: #... provider: wsse_users #don't make use of firewall's "users"-provider, but "wsse_users"-provider for WSSE ``` ### Specify custom authentication class(es) [](#specify-custom-authentication-classes) `app/config/config.yml` ``` # Escape WSSE authentication configuration escape_wsse_authentication: authentication_provider_class: Escape\WSSEAuthenticationBundle\Security\Core\Authentication\Provider\Provider authentication_listener_class: Escape\WSSEAuthenticationBundle\Security\Http\Firewall\Listener authentication_entry_point_class: Escape\WSSEAuthenticationBundle\Security\Http\EntryPoint\EntryPoint authentication_encoder_class: Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder ``` ### Health Score 46 — FairBetter than 93% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity56 Moderate usage in the ecosystem Community29 Small or concentrated contributor base Maturity65 Established project with proven stability Bus Factor1 Top contributor holds 83.7% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~121 days Recently: every ~173 days Total 12 Last Release 3021d ago Major Versions 1.1.0 → 2.0.02014-12-05 PHP version history (2 changes)1.0.0PHP >=5.3.2 2.1.0PHP >=5.3.9 ### Community Maintainers ![](https://www.gravatar.com/avatar/83bc84b2e3f67fdbb88509af3bc1fc7d17a64003d177f18d2397eee0ad0ddfc7?d=identicon)[devesc](/maintainers/devesc) ![](https://www.gravatar.com/avatar/ca43443c4d07dd18c529425f57cc4ca8944470e45a295cf9c2f614c8191ba4ff?d=identicon)[djoos](/maintainers/djoos) --- Top Contributors [![djoos](https://avatars.githubusercontent.com/u/449510?v=4)](https://github.com/djoos "djoos (113 commits)")[![xelaris](https://avatars.githubusercontent.com/u/2466932?v=4)](https://github.com/xelaris "xelaris (6 commits)")[![fightmaster](https://avatars.githubusercontent.com/u/648770?v=4)](https://github.com/fightmaster "fightmaster (4 commits)")[![broncha](https://avatars.githubusercontent.com/u/46905?v=4)](https://github.com/broncha "broncha (2 commits)")[![Th3Mouk](https://avatars.githubusercontent.com/u/5006899?v=4)](https://github.com/Th3Mouk "Th3Mouk (2 commits)")[![olimsaidov](https://avatars.githubusercontent.com/u/228747?v=4)](https://github.com/olimsaidov "olimsaidov (1 commits)")[![pedrofurtado](https://avatars.githubusercontent.com/u/10530520?v=4)](https://github.com/pedrofurtado "pedrofurtado (1 commits)")[![bkosborne](https://avatars.githubusercontent.com/u/544886?v=4)](https://github.com/bkosborne "bkosborne (1 commits)")[![zain-saqer](https://avatars.githubusercontent.com/u/3166259?v=4)](https://github.com/zain-saqer "zain-saqer (1 commits)")[![data219](https://avatars.githubusercontent.com/u/503917?v=4)](https://github.com/data219 "data219 (1 commits)")[![h4cc](https://avatars.githubusercontent.com/u/2981491?v=4)](https://github.com/h4cc "h4cc (1 commits)")[![luckyduck](https://avatars.githubusercontent.com/u/400837?v=4)](https://github.com/luckyduck "luckyduck (1 commits)")[![Nyholm](https://avatars.githubusercontent.com/u/1275206?v=4)](https://github.com/Nyholm "Nyholm (1 commits)") --- Tags phpsymfonywssebundleAuthenticationwsse ### Embed Badge ![Health badge](/badges/escapestudios-wsse-authentication-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/escapestudios-wsse-authentication-bundle/health.svg)](https://phpackages.com/packages/escapestudios-wsse-authentication-bundle) ``` ### Alternatives [scheb/2fa Two-factor authentication for Symfony applications (please use scheb/2fa-bundle to install) 578630.7k1](/packages/scheb-2fa)[scheb/2fa-bundle A generic interface to implement two-factor authentication in Symfony applications 7014.0M62](/packages/scheb-2fa-bundle)[web-auth/webauthn-framework FIDO2/Webauthn library for PHP and Symfony Bundle. 50570.7k1](/packages/web-auth-webauthn-framework)[auth0/symfony Symfony SDK for Auth0 Authentication and Management APIs. 128738.1k](/packages/auth0-symfony)[web-auth/webauthn-symfony-bundle FIDO2/Webauthn Security Bundle For Symfony 63397.4k6](/packages/web-auth-webauthn-symfony-bundle)[gfreeau/get-jwt-bundle This Symfony bundle provides a security listener to return a JWT 86591.6k3](/packages/gfreeau-get-jwt-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)