Symfony login_check not handled on production environment

StackOverflow https://stackoverflow.com/questions/23187546

Question

I've just finished developping my website with Symfony. Everything was working well on my local machine with WampServer. But now that I have sent my project to my production server, I have an annoying problem with the security.

I have a secured admin zone behind the url /admin and a login form at /admin/login. Once I submit the form, the framework is not catching the request to handle the connection and check the logs as it should on /admin/login_check. Instead, I have a blank page (at /admin/login_check), nothing happens : I'm not logged in and the logs are not showing any error. I'm really stucked...

I have tried to modify my configuration several times but can't find a solution. Maybe it's just something really obvious, but I can't find ...

I run under PHP 5.4.26

Security.yml:

providers:
    in_memory:
        memory:
            users:
                admin: { password: secret, roles: [ 'ROLE_ADMIN' ] }

firewalls:
    login_firewall:
        pattern:   ^/login$
        anonymous: ~

    secured_area:
        pattern:   ^/
        anonymous: ~
        form_login:
            login_path:  /login
            check_path:  /login_check
        logout:
            path:   /logout
            target: /login

access_control:
    - { path: ^/admin/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }

Routing.yml:

login:
    pattern: /login
    defaults: { _controller: RydAdminBundle:Admin:login }

login_check:
    pattern: /login_check

logout:
    pattern: /logout

NB: I've also tried putting login_check and login behind admin -> /admin/login_check and /admin/login but it results on the same issue.

Thank you very much for helping !

Was it helpful?

Solution

Try removing the login_firewall, so your security.yml reads as follows. Also, I changed the roles in the memory provider.

providers:
    in_memory:
        memory:
            users:
                admin: { password: secret, roles: ROLE_ADMIN }

firewalls:
    secured_area:
        pattern:   ^/
        anonymous: ~
        form_login:
            login_path:  /login
            check_path:  /login_check
        logout:
            path:   /logout
            target: /login

access_control:
    - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top