The problem was the "security: false" for the login firewall. This allows the user to visit the login page but because no security context is established you cannot use is_granted() anywhere on that page. If you want to do so you have to set security to true and then explicitly allow anonymous users access to the login page. This has the same effect as the default configuration but since a security context is established now you can use is_granted() successfully.
Regards, Dennis -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
