public function execute($filterChain)
  {
    // get the cool stuff
    /** @var sfContext **/
    $context    = $this->getContext();
    /** @var sfController **/
    $controller = $context->getController();
    /** @var sfUser **/
    $user       = $context->getUser();
    /** @var sfRequest **/
    $request    = $context->getRequest();

    if ($request->getCookie('MyWebSite'))
    {
      // sign in
      $user->setAuthenticated(true);
    }

    if (!$user->isAuthenticated())
    {
      //this will make sure we are really signed out
      $user->signOut();
      // we bail
      $filterChain->execute();
    }

    $key = false;

    // get the current action instance
    /** @var sfActionStackEntry **/
    $actionEntry    = $controller->getActionStack()->getLastEntry();
    $actionInstance = $actionEntry->getActionInstance();
    $action = $request->getParameter('action');

    //get the object security information
    $securityArray = $actionInstance->getSecurityConfiguration();
    $objectCredArray = myUser::parseSecurity($securityArray, $action);

    //The module is either the current module or the parent module.
    if (isset($objectCredArray['module']))
    {
      $module = $objectCredArray['module'];
    }
    else
    {
      $module = $context->getModuleName();
    }

    //object credentials are stored in
    //  $user->getAttribute($module,'','object_credentials')
    //the key for the object credentials comes from:
    //  request param
    //  the key of a stored parent object (need to know the parent object)

    //so next we need to know the key...

    //big hack because I'm frustrated:
    if ('import' == $module) {
      if ($request->getParameter('vocabulary_id')) {
        $key = $request->getParameter('vocabulary_id');
        $module = 'vocabulary';
      }
      if ($request->getParameter('schema_id')) {
        $key = $request->getParameter('schema_id');
        $module = 'schema';
      }
    }
    //Does the request parameter exist?
    if (isset($objectCredArray['request_param']))
    {
      $key = $request->getParameter($objectCredArray['request_param'],'');
      //get the correct id to check against, but only if we haven't already checked it in this request
    }
    //use the default only if we're using the current request
    elseif ($module == $context->getModuleName())
    {
      //we do the default
      $key = $request->getParameter('id');
    }

    //still no key?
    //ok, so this is definitely a hack...
    if (!$key && (('edit' == $action || 'show' == $action || 'list' == $action) || $module != $context->getModuleName()))
    {
      if ('schema' == $module)
      {
        $schema = myActionTools::findCurrentSchema();
        if ($schema)
        {
          $key = $schema->getId();
        }
      }

      if ('vocabulary' == $module)
      {
        $vocabulary = myActionTools::findCurrentVocabulary();
        if ($vocabulary)
        {
          $key = $vocabulary->getId();
        }
      }

      if ('agent' == $module)
      {
        $agent = myActionTools::findCurrentAgent();
        if ($agent)
        {
          $key = $agent->getId();
        }
      }
    }

    if ($key)
    {
      $user->buildModCredentials($key, $module);
      if ('vocabulary' == $module)
      {
        $vocabulary = myActionTools::findCurrentVocabulary();
        if ($vocabulary)
        {
          $agentId = $vocabulary->getAgentId();
          $user->buildModCredentials($agentId, 'agent', true);
        }
      }
    }
    //skip re-setting the modcredentials if the action == create
    else
    {
      $this->setdefaultCred($user);
    }

    // Execute next filter
    $filterChain->execute();
  }
  /**
   * Wraps content with a credential condition.
   *
   * This overrides the same function in sfAdminGenerator
   *
   * @param string $content    The content
   * @param array  $params     (optional, default = array()) The $array parameters
   * @param bool   $inRow      (optional, default = false)
   * @param bool   $useObjects (optional, default = false)
   * @param string $actionName (optional, default = null)
   *
   * @return string HTML code
   */
  public function addCredentialCondition($content, $params = array(), $inRow = false, $useObjects = false, $actionName = null)
  {
    if (isset($params['credentials']))
    {
      if ($useObjects)
      {
        if ($actionName[0] == '_')
        {
          $actionName = substr($actionName, 1);
        }
        //check the security for some more configuration
        if ($actionName)
        {
          $objectCredArray = myUser::parseSecurity($this->security, $actionName);
          if (isset($objectCredArray['key']))
          {
            $class = $objectCredArray['key']['class'];
            $method = $objectCredArray['key']['method'];
            //$requestParam = $objectCredArray['request_param'];
            //$key = "call_user_func(array('$class', '$method'), \$sf_request->getParameter('$requestParam'))";
            $key = '$' . $class . '->' . $method . '()';
          }
          else if (isset($objectCredArray['request_param']))
          {
            $requestParam = $objectCredArray['request_param'];
            $key = "\$sf_request->getParameter('$requestParam')";
          }
          else
          {
            //only supports non-segmented keys at the moment
            $key = $this->getPrimaryKeyIsSet() ;
          }

          if (isset($objectCredArray['module']))
          {
            $module = $objectCredArray['module'];
          }
          else
          {
            $module = $this->moduleName;
          }

          $insert = "hasObjectCredential($key, '$module', ";
        }
        else
        {
          $insert = 'hasCredential(';
        }
      }
      else
      {
        $insert = 'hasCredential(';
      }

      $credentials = str_replace("\n", ' ', var_export($params['credentials'], true));

      if ($inRow)
      {
         return <<<EOF
[?php if (\$sf_user->$insert $credentials)): ?]
$content
[?php else: ?]
&nbsp;
[?php endif; ?]
EOF;
      }
      else
      {
      return <<<EOF
[?php if (\$sf_user->$insert $credentials)): ?]
$content [?php endif; ?]

EOF;
      }
    }
    else
    {
      return $content;
    }
  }