My problem is the following Entering the wrong password results in a "bad credentials" error (as expected) and entering the right username and password redirects me to / (also expected) .... but then I immediately get redirected back to /login. Apparently Symfony forgets that I'm authenticated and wants me to log in again.
I spent several days trying to fix this error and still so I can not fix it. Please , I am really lost. with users in memory this one work fine , but if I use entities it does not work. Also read several recommended tutorials in mail-list and the messages in http://www.mail-archive.com/[email protected]/msg08241.html, but that solution is not well for me. I think that the problem could be relationed with roles, I am not sure. My Usuario entity return getRoles like array and in BD the roles are string like this : ROLE_ADMIN, ROLE_USER; Also I try run it without the prefix ROLE, like ADMIN. My security.yml: security: encoders: Openxesta\UserBundle\Entity\Usuario: algorithm: md5 iterations: 10 encode_as_base64: true role_hierarchy: ROLE_ADMIN: ROLE_USER ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] providers: main: entity: { class : UserBundle:Usuario, property: username } #users: #user: { password: userpass, roles: [ 'ROLE_USER' ] } #admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] } firewalls: public: pattern: /login$ security: false anonymous: true login_check: pattern: /login_check form_login: true security: true anonymous: true main: pattern: /.* form_login: provider: main check_path: /login_check login_path: /login always_use_default_target_path: false default_target_path: /users/ security: true anonymous: true access_control: - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/$, role: [ROLE_USER] } - { path: ^/.*/+$, role: [ROLE_USER] } #------------------------------------------------------------------------------------------------------------------------------------ and my routing is : _openxesta_login: pattern: /login defaults: { _controller: SecuredBundle:Secured:login } _openxesta_check: pattern: /login_check _openxesta_logout: pattern: /logout #-------------------------------------------------------------------------------------------------------------------------------------------------- you can see the dev.log in http://pastebin.com/7ueMJqgk -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
