0
votes

I am building a Symfony2 project, using FosUserbundle and have a serious security issue. When a user tries to connect, it correctly redirects to the home page when the credentials are correct, but most of the time without actually loading the user, still with the anonymous token, not logged.

It sometimes logs me successfully at the first try, usually after 2-4 attempts, sometimes more. It seems to fail 70 to 80% of the time.

There is no error message at all, everything seems to work just fine, except it doesn't. I cloned my project without FosUser, using the login and security system in the cookbook in the documentation on the Symfony website, still the same. The application has been developed with Symfony 2.3, but upgrading to 2.6 and 2.7 doesn't solve the problem.

The security code is completely vanilla except to extends my template in one twig file, and the behaviour is still the same without the extends.

The config files have been modified according to the FosUserBundle doc. I am obviously missing something, but no idea what.

1
Without some relevant source or configuration it will be very difficult to assist. - Gerry
The only modified configuration files are appKernel.php,config.yml, security.yml and routing.yml. Routing.yml, just the route from the bundle, the 3 other have been modified for the installation of FosUserBundle. - Franck Dumont
Edit your post and show them - Guillaume Fache
cannot help without code or configuration.anything we say would be only speculations - Nawfal Serrar

1 Answers

0
votes

After a couple of week, it stopped doing weird stuff, that is good, but no idea why, that is not so good. As i have said, the config files are straight out off the official doc. If they were at fault, i think that dozens would have had the same issue.

For the curious, it started doing weird stuff while i was playing with websockets and Ratchet. I don't know if it give an idea to someone as to the why.