12

after installing FOSUserBundle, now Im trying to login with user/ userpass but I still get the "Bad credentials" message. This is my security.yml:

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        in_memory:
            users:
                user:  { password: userpass, roles: [ 'ROLE_USER' ] }
                admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
        fos_userbundle:
            id: fos_user.user_manager

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
            logout:       true
            anonymous:    true
            #anonymous: ~
            #http_basic:
            #    realm: "Secured Demo Area"

Any idea?

symfony 2.0.4

Improve this question

4 Answers 4

Reset to default
22

Chain your providers like this: 

providers:
    chain_provider:
        providers: [in_memory, fos_userbundle]
    in_memory:
        users:
            user:  { password: userpass, roles: [ 'ROLE_USER' ] }
            admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }

    fos_userbundle:
        id: fos_user.user_manager

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: chain_provider
            logout:       true
            anonymous:    true
            switch_user:  true
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
Improve this answer
1
  • 5
    For Symfony 2.1, the syntax has changed slightly: between chain_provider: and providers:, you need to add an additional key, chain:, like so: providers: chain_provider: chain: providers: [in_memory, fos_userbundle] See the current documentation for more information.
    – Daniel Miladinov
    Commented Dec 18, 2012 at 15:17
5

In the firewall section you're using the wrong provider: fos_userbundle instead of in_memory. You can chain them if you want.

Improve this answer
2
  • thanks but it's not working..I have now "provider: in_memory".
    – tirenweb
    Commented Oct 27, 2011 at 15:55
  • 1
    Are you working in prod or dev env? If prod did you clear your cache?
    – dlondero
    Commented Oct 29, 2011 at 14:32
2

In addition to a chian of Users provider, i suggest you to encode your password in your web application, you can encode by a tools online sh1 link to encode online.

encoders:
    "Symfony\Component\Security\Core\User\User":
        algorithm:   sha1
        iterations: 1
        encode_as_base64: false
    "FOS\UserBundle\Model\UserInterface": sha512

providers:
chain_provider:
    providers: [in_memory, fos_userbundle]
in_memory:
    users:
        user:  { password: 45f106ef4d5161e7aa38cf6c666607f25748b6ca, roles: [ 'ROLE_USER' ] } # userpass as password
        admin: { password: 74913f5cd5f61ec0bcfdb775414c2fb3d161b620, roles: [ 'ROLE_ADMIN' ] } # adminpass as password

fos_userbundle:
    id: fos_user.user_manager

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: chain_provider
        logout:       true
        anonymous:    true
        switch_user:  true
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false
Improve this answer
0

Chain your providers for symfony 2.3 like this: 

providers:

    in_memory:
        users:
            user:  { password: userpass, roles: [ 'ROLE_USER' ] }
            admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }

    fos_userbundle:
        id: fos_user.user_manager

    chain_provider:
        chain:
            providers: [in_memory, fos_userbundle]

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: chain_provider
            logout:       true
            anonymous:    true
            switch_user:  true
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.