full xml config, pushed the note at the end of the entry

symfony · weaverryan · Jun 9, 2014 · Jun 6, 2014 · Jun 6, 2014 · Jun 6, 2014
commit 57cc9577e3f8dbd7c66e45d5cdb14588c4e89bc7
diff --git a/cookbook/security/pre_authenticated.rst b/cookbook/security/pre_authenticated.rst
@@ -4,23 +4,13 @@
 Using pre Authenticated Security Firewalls
 ==========================================
 
-A lot of authentication modules are already provided by some webservers,
+A lot of authentication modules are already provided by some web servers,
 including Apache. These modules generally set some environment variables
-that can be used to determine which user is accessing your application. Out of the 
+that can be used to determine which user is accessing your application. Out of the
 box, Symfony supports most authentication mechanisms.
 These requests are called *pre authenticated* requests because the user is already
 authenticated when reaching your application.
 
-.. note::
-
-    An authentication provider will only inform the user provider of the username
-    that made the request. You will need to either use an available
-    :class:`Symfony\\Component\\Security\\Core\\User\\UserProviderInterface`
-    or implement your own:
-
-    * :doc:`/cookbook/security/entity_provider`
-    * :doc:`/cookbook/security/custom_provider`
-
 X.509 Client Certificate Authentication
 ---------------------------------------
 
@@ -44,12 +34,17 @@ Enable the x509 authentication for a particular firewall in the security configu
 
     .. code-block:: xml
 
+        <?xml version="1.0" ?>
         <!-- app/config/security.xml -->
-        <config>
-            <firewall name="secured_area" pattern="^/">
-                <x509 provider="your_user_provider"/>
-            </firewall>
-        </config>
+        <srv:container xmlns="http://symfony.com/schema/dic/security"
+            xmlns:srv="http://symfony.com/schema/dic/services">
+
+            <config>
+                <firewall name="secured_area" pattern="^/">
+                    <x509 provider="your_user_provider"/>
+                </firewall>
+            </config>
+        </srv:container>
 
     .. code-block:: php
 
@@ -66,7 +61,16 @@ Enable the x509 authentication for a particular firewall in the security configu
         ));
 
 By default, the firewall provides the ``SSL_CLIENT_S_DN_Email`` variable to
-the user provider, and sets the ``SSL_CLIENT_S_DN`` as credentials in the 
+the user provider, and sets the ``SSL_CLIENT_S_DN`` as credentials in the
 :class:`Symfony\\Component\\Security\\Core\\Authentication\\Token\\PreAuthenticatedToken`.
 You can override these by setting the ``user`` and the ``credentials`` keys
 in the x509 firewall configuration respectively.
+
+.. note::
+
+    An authentication provider will only inform the user provider of the username
+    that made the request. You will need to create (or use) a "user provider" that
+    turns that username into a User object of your choice:
+
+    * :doc:`/cookbook/security/custom_provider`
+    * :doc:`/cookbook/security/entity_provider`