diff --git a/security/guard_authentication.rst b/security/guard_authentication.rst index 922fb0128bc..3340285f5c1 100644 --- a/security/guard_authentication.rst +++ b/security/guard_authentication.rst @@ -172,8 +172,8 @@ This requires you to implement seven methods:: public function getCredentials(Request $request) { if (!$token = $request->headers->get('X-AUTH-TOKEN')) { - // No token? - $token = null; + // No token? Return null and show "Authentication Required" + return null; } // What you return here will be passed to getUser() as $credentials @@ -264,7 +264,7 @@ Finally, configure your ``firewalls`` key in ``security.yml`` to use this authen # ... main: - anonymous: ~ + # remove anonymous authentication to force digest authentication logout: ~ guard: