I am building a Symfony2 project, using FosUserbundle and have a serious security issue. When a user tries to connect, it correctly redirects to the home page when the credentials are correct, but most of the time without actually loading the user, still with the anonymous token, not logged.
It sometimes logs me successfully at the first try, usually after 2-4 attempts, sometimes more. It seems to fail 70 to 80% of the time.
There is no error message at all, everything seems to work just fine, except it doesn't. I cloned my project without FosUser, using the login and security system in the cookbook in the documentation on the Symfony website, still the same. The application has been developed with Symfony 2.3, but upgrading to 2.6 and 2.7 doesn't solve the problem.
The security code is completely vanilla except to extends my template in one twig file, and the behaviour is still the same without the extends.
The config files have been modified according to the FosUserBundle doc. I am obviously missing something, but no idea what.