For my test environment, I have configured a memory-based user provider:
config/packages/test/security.yaml
security:
providers:
unit_testing:
memory:
users:
test1: { password: $testpwd1, roles: ['ROLE_SUPER_ADMIN'] }
test2: { password: $testpwd2, roles: ['ROLE_SPECIAL1_ADMIN'] }
test3: { password: $testpwd3, roles: ['ROLE_SPECIAL2_ADMIN'] }
firewalls:
admin:
form_login:
provider: unit_testing
I try to test the login form in a functional test.
tests/Controller/LoginControllerTest.php
$client = static::createClient();
$crawler = $client->request(Request::METHOD_GET, '/login');
$form = $crawler->selectButton('Login')->form(['_username' => 'test1', '_password' => '$testPwd1']);
$client->submit($form);
The login fails. Debugging the login process reveals that while Kernel.php loads the additional security configuration from test, the FirewallListener fetches a configuration which has provider = null.
In the standard environment, the login with producation data is successful.
What is going on?
If needed, I will provide additional code.
I have isolated the problem further and came to the sad realization that my problem was in fact not the user provider.
The configured password for the memory provider had an old encoding, and thus the newer encoding algorithm produced a hashsum that didn't match. One reason might be the migration from 3.4 to 4.2, as there were lots of changes to the configuration.
Manually encoding the target password via php bin/console security:encode-password <arg> solved the problem for me.