I finally fixed it, I was just confusing firewalls and access control list.
As shown in the question, I had created 2 firewalls on the home page, and in symfony2, you cannot be logged in 2 different firewalls - in no way that I know -
In this case, if you want to have the login form inside any firewall page, you do not manage it with the firewall, but with the access control list.
# Security.yml
firewalls:
members_area:
pattern: ^/
provider: <any_working_entity-based_provider>
anonymous: ~ # To allow unauthenticated users to access the firewall --> The login form
form_login:
login_path: /
check_path: /login_check
post_only: true
default_target_path: /
use_referer: false
logout:
path: /logout
target: /
invalidate_session: false
access_control:
- { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY } # Public page, login page AND firewall page
- { path: ^/members/suscribe, roles: IS_AUTHENTICATED_ANONYMOUSLY } # Suscribe is a public activity
- { path: ^/members/retrieve_password, roles: IS_AUTHENTICATED_ANONYMOUSLY } # As well as forgotten password
- { path: ^/members/reset_password, roles: IS_AUTHENTICATED_ANONYMOUSLY } # Or reset password features with the token protected page...
- { path: ^/members, roles: ROLE_USER } # BUT, you set up the access control to require any role of the authenticated users, for the different firewall pages