Question
I've a problem with my security.yml using Symfony 2.
This is the content of my file :
https://stackoverflow.com/questions/21665044
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russiansecurity:
encoders:
MOD\UserBundle\Entity\User:
algorithm: sha512
iterations: 1
encode_as_base64: false
role_hierarchy:
#[...]
providers:
user_db:
entity:
class: MOD\UserBundle\Entity\User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/user/login$
anonymous: true
main:
pattern: ^/
anonymous: false
provider: user_db
form_login:
login_path: user_login
check_path: user_check
logout:
path: user_logout
target: /user/login
I have an entity called User, with fields : id, email, username, password, salt, roles
When I try to log me on from /user/login the result is always the same : "Bad credentials".
Is there a way to check what happened on user_check request? Or any apparent mis-configuration in the security.yml ?
This is what I get in app/logs/dev.log :
[2014-02-09 21:35:27] doctrine.DEBUG: SELECT t0.id AS id1, t0.username AS username2, t0.password AS password3, t0.salt AS salt4, t0.email AS email5, t0.roles AS roles6 FROM User t0 WHERE t0.username = ? LIMIT 1 ["Maxime"] []
[2014-02-09 21:35:27] security.INFO: Authentication request failed: Bad credentials [] []
In my databse I have just one user with the username : Maxime
Solution 2
I definitely solved my problem.
I change security.yml like that :
encoders:
MOD\UserBundle\Entity\User:
algorithm: sha512
iterations: 1
encode_as_base64: true
And I save the password hashed with sha512 and base64 encoded.
It works !
OTHER TIPS
Thanks zizoujab.
Since you asked me many questions about the password and the way to store this one in my DB I've finaly replace sha512 by plaintext in my security.yml.
Then I try to logged me in with :
maxime / C7AD44CBAD762A5DA0A452F9E854FDC1E0E7A52A38015F23F3EAB1D80B931DD472634DFAC71CD34EBC35D16AB7FB8A90C81F975113D6C7538DC69DD8DE9077EC
And it works.
