Search code examples
symfonysymfony2

Cannot find login_check

Unable to find the login_check in symfony2.0 (I know it should be symfony2.4 because it is decrypted, but my customer wants 2.0).

What is wrong that symfony cannot finde the login_check-path?

My routing.yml:

backend_account_login:
    pattern:  /{_locale}/secured/login
    defaults: { _controller: BackendAccountBundle:Secured:login }
    requirements:
        _locale: en|de

security_check:
  pattern:  /{_locale}/secured/login_check
  requirements:
        _locale: en|de
    
logout:
  pattern:  /de/secured/logout
  defaults: { _controller: BackendAccountBundle:Secured:logout }

My security.yml:

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        #Use of an encoder Backend\AccoundBundle\Services
        Backend\AccountBundle\Entity\User:
         id: sha256salted_encoder

    role_hierarchy:
        ROLE_ADMIN:       ROLE_AHA_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    #two providers are given. the aha users from the db and the admin.
    #admin still have an unsecured password
    providers:
        chain_provider:
            providers: [in_memory, user_db]
        in_memory:
            users:
                admin: { password: 2, roles: ROLE_ADMIN }
        #for aha-users there is a custom table. the login procedure is getting the data from the entity        
        user_db:
            entity: { class: Backend\AccountBundle\Entity\User, property: email }
        
    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern:  ^/(en|de)/secured/login
            #security: false
            anonymous:  ~

        secured_area:
            pattern:    ^/(en|de)/secured/
            anonymous:  ~
            http_basic:
                realm: "Secured Area"
            form_login:
                check_path: security_check
                login_path: backend_account_login
                use_referer:        false
                default_target_path: backend_secured_account_index
                #target_path_parameter: frontend_account_my_account
            logout: 
                path:   /de/secured/logout
                target: /de/
                #default_target_path: frontend_account_login
                #anonymous: ~


    # the access of user e.g. admin and aha users are given below
    access_control:
        - { path: ^/*, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(en|de)/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(en|de)/*, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(en|de)/secured/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(en|de)/secured/, roles: [ROLE_AHA_USER, ROLE_ADMIN] }
        - { path: ^/(en|de)/secured/account/admin/register/, roles: ROLE_ADMIN }
Solution

  • As suggested by 2.0.25 Symfony Dependency Injection and the doc reference (found below) you should define your check_path as an absolute url and not a route name. (e.g.: /en/secured/login_check)

    Security reference for 2.0 (deprecated): http://symfony.com/doc/2.0/reference/configuration/security.html#the-login-form-and-process

    Current: http://symfony.com/doc/current/reference/configuration/security.html#the-login-form-and-process (This latter states that you may use route name. )