Symfony – FOSUserBundle: configure the check path to be handled by the firewall using form_login

configurationfosuserbundleroutingsymfonyyaml

I download the FOSUser Bundle in my symfony project.

This is the routing file of the bundle:

# Manage security
fos_user_security:
    resource:  "@FOSUserBundle/Resources/config/routing/security.xml"

# User Profil
fos_user_profile:
    resource:  "@FOSUserBundle/Resources/config/routing/profile.xml"
    prefix: /profile

# Register User
fos_user_register:
    resource:  "@FOSUserBundle/Resources/config/routing/registration.xml"
    prefix: /register

# Reset User password
fos_user_resetting:
    resource:  "@FOSUserBundle/Resources/config/routing/resetting.xml"
    prefix: /resetPassword

# Change User password
fos_user_change_password:
    resource:  "@FOSUserBundle/Resources/config/routing/change_password.xml"
    prefix: /changePassword

Now, when I would like to go to the login page, everything works, but when I would like to connect the user, I have this error:

You must configure the check path to be handled by the firewall using
form_login in your security firewall configuration.

This is my config file, security.yml:

security:

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false

        default:
            anonymous: ~

        main:
            pattern: ^/
            form_login:
                check_path: fos_user_security_login_check
                login_path: fos_user_security_login
                provider: fos_userbundle
                csrf_provider: security.csrf.token_manager
            logout:
                path:     fos_user_security_logout
                target:   /
            anonymous:    true

    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }

What I am doign wrong?

Moreover, when I would like to logout I have this error:

You must activate the logout in your security firewall configuration.

Best Answer

Just remove your default firewall:

default:
    anonymous: ~

It catch all your requests because firewalls are tests in the order they are defined.
So on a FOSUserBundle page like the login page, there is no form_login provider, nor logout one.

Related Topic