Symfony version(s) affected

6.1.2 and others

Description

I use native PHP file configuration for my session management and I want that invalid session ID be replaced by new one in order to avoid error #45755.

The solution was given by PR #46249 but the newer PR #46678 limits too far its application with the condition 'files' === $this->saveHandler->getSaveHandlerName().

Indeed, since #24523 the service session.handler.native_file wraps NativeFileSessionHandler into StrictSessionHandler which do not extend \SessionHandler. So NativeSessionStorage wraps the handler in SessionHandlerProxy and this one sets $this->saveHandlerName = 'user'.

How to reproduce

# php.ini
session.save_handler = files

Both

# framework.yml
framework:
    session:
        handler_id: session.handler.native_file
        storage_factory_id: session.storage.factory.native

and

# framework.yml
framework:
    session:
        handler_id: null
        storage_factory_id: session.storage.factory.native

produces a strict handler wrapped into a proxy handler which has saveHandlerName = user whereas sessions are managed by files.

Possible Solution

To get the wanted behaviour in my project, I create a custom handler which extends SessionHandlerProxy and wraps the chained NativeFileSessionHandler and StrictSessionHandler. The difference I make is to set saveHandlerName = 'files' in the proxy constructor.

Additional Context

No response