1

I am having this rather common problem of Symfony login failing with this error message:

Unable to find the controller for path "/auth/login_check".

The common answer to this problem is that the login_check route isn't behind the firewall, but in my case it is! Here are my config files:

app/config/security.yml

firewalls:
    dev:
        pattern:    ^/(_(profiler|wdt)|css|images|js)/
        security:   false

    auth_area:
        pattern:    ^/auth/(login|login_check)
        anonymous:  ~

    secured_area:
        pattern:    ^/
        form_login:
            login_path: /auth/login
            check_path: /auth/login_check
        logout:
            path:   /auth/logout
            target: /

app/config/routing.yml

login:
    pattern: /auth/login
    defaults: { _controller: AuthBundle:Default:login }

login_check:
    pattern: /auth/login_check

logout:
    pattern: /auth/logout

AuthBundle/Controller/DefaultController.php

public function loginAction()
{
  $form = $this->createForm(new UserType(), new User());

  return $this->render('AuthBundle:Default:login.html.twig', array(
    'form' => $form->createView(),
    'action' => $this->generateUrl('login_check'),
  ));
}

AuthBundle/Form/Type/UserType.php

public function buildForm(FormBuilderInterface $builder, array $options)
{
  $builder->add('username', 'text', array('label' => 'Login:'));
  $builder->add('password', 'password', array('label' => 'Password:'));
}

AuthBundle/Resources/views/Default/login.html.twig

...
<form action="{{ action }}" method="POST">
  {{ form_widget(form) }}
  <input type="submit" value="Login" />
</form>
...

My form is created with the route login_check as target (/auth/login_check URL).

The secured_area firewall is supposed to match all URLs, so /auth/login_check should be in it. Yet, I keep getting this error. What am I doing wrong?

Improve this question

3 Answers 3

Reset to default
2

The login_check url must behind the same firewall as the using firewall. use ACLs instead.

firewalls:
    dev:
        pattern:    ^/(_(profiler|wdt)|css|images|js)/
        security:   false

    secured_area:
        pattern:    ^/
        form_login:
            login_path: /auth/login
            check_path: /auth/login_check
        logout:
            path:   /auth/logout
            target: /
        anonymous:  ~

access_control:
    - { path: ^/auth/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, role: ROLE_USER }
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Doesn't this allow anonymous access to the whole website? By adding anonymous: ~ in the secured_area firewall
No, as the last rule under access_control forces every access to every other location to have the ROLE_USER role, which only authenticated users can have.
0

app/config/security.yml

secured_area:
    pattern:    ^/
    form_login:
        login_path: login  #this is routing name
        check_path: login_check  #this is routing name
    logout:
        path:   logout #this is routing name
        target: /

Edit

[1] you can try delete this:

auth_area:
    pattern:    ^/auth/(login|login_check)
    anonymous:  ~

[2] your path better that:

 <form action="{{ path('login_check') }}" method="POST">

Edit

It is example for login

firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false
    secured_area:
        pattern:    ^/
        anonymous: ~
        form_login:
            login_path:  login
            check_path:  login_check
            always_use_default_target_path: true
            default_target_path: /top
        logout:
            path:   /user_logout
            target: /
Improve this answer

5 Comments

can you list you loginAction??
Removing auth_area causes a redirection loop as it makes authentication mandatory to access /auth/login, thus redirecting to the same URL. Thanks for the tip for the form action (although not solving the problem either).
It is my test example , hope it can help you
Not working either... Plus I don't want to allow any anonymous access to the site.
I do not know how about your firewalls is working ,you can try to set firewall "dev" 'security: true' to test that the firewall is working . if you also can see the tool bar , your firewall is not working
0

routing.yml

login_check:
    pattern:  /login_check
    defaults: { _controller: AcmeUserBundle:Default:loginCheck }

DefaultController.php

public function loginCheckAction()
{
    return $this->redirect($this->generateUrl('login'));
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.