Symfony2 Authentication “login_check” path not found

2
votes

I'm new to Symfony2 and I'm trying to create a basic registration + login system. So, with the help of the Symfony2 documentation I created this security.yml:

security:
    encoders:
        TestCompany\InternetBundle\Entity\Member:
            algorithm:        sha1
            encode_as_base64: false
            iterations:       1

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        administrators:
            entity: { class: TestCompanyInternetBundle:Member, property: username }

    firewalls:
        admin_area:
            pattern:    ^/admin
            anonymous: ~
            form_login:
                login_path:  /login
                check_path:  /login_check

    access_control:
        - { path: ^/admin, roles: ROLE_ADMIN }

and I used this routing for it:

login_check:
    pattern:   /login_check
login:
    pattern:  /login
    defaults: { _controller: TestCompanyInternetBundle:Admin:login }

According to http://symfony.com/doc/current/book/security.html#using-a-traditional-login-form I do NOT need to implement a controller for the login_check route. Yet, Symfony returns this error to me: 

Unable to find the controller for path "/login_check". Maybe you forgot to add the matching route in your routing configuration?

Do you see anything I could have done wrong here? The login page is almost an exact copy of the one used in the documentation. The error occurs on the page: http://localhost/SymfonyTest/web/app_dev.php/login_check, which is the page I get sent to after using the login form.

3
phpsecuritysymfony

3 Answers

3
votes

http://symfony.com/doc/current/book/security.html#using-a-traditional-login-form

Be sure /login_check is behind a firewall.

Therefore, in your example, you have specified a prefix of /admin for your secured area, therefore your login check route should also have that prefix e.g. /admin/login_check

Next, make sure that your check_path URL (e.g. /login_check) is behind the firewall you're using for your form login (in this example, the single firewall matches all URLs, including /login_check). If /login_check doesn't match any firewall, you'll receive a Unable to find the controller for path "/login_check" exception.

Example security.yml configuration:

firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    secured_area:
        pattern:    ^/
        form_login:
            login_path: /login
            check_path: /login_check
        logout:
            path:   /demo/secured/logout
            target: /demo/
        anonymous: ~

    ....

    access_control:
        - { path: ^/admin, roles: ROLE_ADMIN }
1
votes

I would recomend that you use the FOSUserBundle as this seems the quickest way to do what you would like to do: FOSUserBundle

Installation is very straight-forward and would allow you to get your app working in a very short amount of time. Good luck!

EDIT:

Could you post your controller TestCompanyInternetBundle:Admin:login? Does you controller extend the security controller at all?

0
votes

You should also include your security.yml. Make sure you have:

firewalls:
    login_firewall:
        pattern:    ^/login$
        anonymous:  ~

in your security.yml. This is a common pitfall.