From 839bfb427093b94a5e75b22a11a5df20ad94cb1e Mon Sep 17 00:00:00 2001
From: Theron Luhn <theron@luhn.com>
Date: Sun, 17 Feb 2019 19:02:33 -0800
Subject: Set legacy policy when using authn/authz policies.

---
 src/pyramid/config/security.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'src')

diff --git a/src/pyramid/config/security.py b/src/pyramid/config/security.py
index b023917aa..42554db97 100644
--- a/src/pyramid/config/security.py
+++ b/src/pyramid/config/security.py
@@ -14,6 +14,7 @@ from pyramid.interfaces import (
 from pyramid.csrf import LegacySessionCSRFStoragePolicy
 from pyramid.exceptions import ConfigurationError
 from pyramid.util import as_sorted_tuple
+from pyramid.security import LegacySecurityPolicy
 
 from pyramid.config.actions import action_method
 
@@ -77,6 +78,7 @@ class SecurityConfiguratorMixin(object):
                     'also configuring an authorization policy '
                     '(use the set_authorization_policy method)'
                 )
+            self._set_legacy_policy()
 
         intr = self.introspectable(
             'authentication policy',
@@ -97,6 +99,15 @@ class SecurityConfiguratorMixin(object):
         policy = self.maybe_dotted(policy)
         self.registry.registerUtility(policy, IAuthenticationPolicy)
 
+    def _set_legacy_policy(self):
+        if self.registry.queryUtility(ISecurityPolicy) is not None:
+            raise ConfigurationError(
+                'Cannot configure an authentication and authorization policy '
+                'with a configured security policy.'
+            )
+        policy = LegacySecurityPolicy()
+        self.registry.registerUtility(policy, ISecurityPolicy)
+
     @action_method
     def set_authorization_policy(self, policy):
         """ Override the :app:`Pyramid` :term:`authorization policy` in the
-- 
cgit v1.2.3