FOSUserBundle: configure the check path to be handled by the firewall using form_login

Question

I download the FOSUser Bundle in my symfony project.

This is the routing file of the bundle:

# Manage security
fos_user_security:
    resource:  "@FOSUserBundle/Resources/config/routing/security.xml"

# User Profil
fos_user_profile:
    resource:  "@FOSUserBundle/Resources/config/routing/profile.xml"
    prefix: /profile

# Register User
fos_user_register:
    resource:  "@FOSUserBundle/Resources/config/routing/registration.xml"
    prefix: /register

# Reset User password
fos_user_resetting:
    resource:  "@FOSUserBundle/Resources/config/routing/resetting.xml"
    prefix: /resetPassword

# Change User password
fos_user_change_password:
    resource:  "@FOSUserBundle/Resources/config/routing/change_password.xml"
    prefix: /changePassword

Now, when I would like to go to the login page, everything works, but when I would like to connect the user, I have this error:

You must configure the check path to be handled by the firewall using form_login in your security firewall configuration.

This is my config file, security.yml:

security:

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false

        default:
            anonymous: ~

        main:
            pattern: ^/
            form_login:
                check_path: fos_user_security_login_check
                login_path: fos_user_security_login
                provider: fos_userbundle
                csrf_provider: security.csrf.token_manager
            logout:
                path:     fos_user_security_logout
                target:   /
            anonymous:    true

    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }

What I am doign wrong?

Moreover, when I would like to logout I have this error:

You must activate the logout in your security firewall configuration.

I do not see `fos_user_security_login_check` and `fos_user_security_login` defined in your routing file. — Dric512, Jul 24 '15 at 13:31
@LéoBenoist I removed the first encoder `encoders: FOS\UserBundle\Model\UserInterface: bcrypt`, I have another error when I would like to logout `You must activate the logout in your security firewall configuration.` — french_dev, Jul 24 '15 at 13:38
@Dric512, I defined them in the main firewall here `main: pattern: ^/ form_login: check_path: fos_user_security_login_check login_path: fos_user_security_login` — french_dev, Jul 24 '15 at 13:40
Yes but where are the routes for `fos_user_security_login_check` and `fos_user_security_login` defined ? And I am not sure you can use route names for `check_path` and `login_path`, I though that you had to use URLs, for example `/login` — Dric512, Jul 24 '15 at 13:48

score 1 · Accepted Answer · answered Jul 24 '15 at 23:47

1

Just remove your default firewall:

default:
    anonymous: ~

It catch all your requests because firewalls are tests in the order they are defined.
So on a FOSUserBundle page like the login page, there is no form_login provider, nor logout one.

answered Jul 24 '15 at 23:47

Yassine Guedidi

1,695
11
12

sorry to answer you just now. I have not my code with me for now, but I'll tried your suggestion asap. Thank you for reply. – french_dev Jul 27 '15 at 07:27
No problem, hope it will help. – Yassine Guedidi Jul 28 '15 at 15:04
It's been a while, and I don't take the time to answer you (better late than never). Thank you by the way, you help me to solve this problem – french_dev Jul 20 '16 at 09:06

score 0 · Answer 2 · answered Jul 24 '15 at 18:32

use this :

form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                check_path:     /login_check
                failure_path:   /login
                default_target_path: /profile/
                always_use_default_target_path: true

score 0 · Answer 3 · answered Oct 22 '17 at 03:35

I think that this is a duplicate of You must configure the check path to be handled by the firewall using form_login in your security firewall configuration

Your code is wrong only in the part of check_path value.

This is your original code:

    main:
        pattern: ^/
        form_login:
            check_path: fos_user_security_login_check
            login_path: fos_user_security_login
            provider: fos_userbundle
            csrf_provider: security.csrf.token_manager

And you should use something like:

    main:
        pattern: ^/
        form_login:
            check_path: fos_user_security_login_check
            login_path: /login_check
            provider: fos_userbundle
            csrf_provider: security.csrf.token_manager

Note that check_path has as value only a string. If you use the value fos_user_security_check you are calling to SecurityController.php class and invoking the checkAction() method which exactly only throws an RuntimeError Exception with the error displayed "You must configure the check path to be handled by the firewall using form_login in your security firewall configuration.". So the fix is so simple that not use the value fos_user_security_check

Hi Shakaran, i'm also facing same issue, i have updated SF 2.4 to SF 2.8, FOSUserBundle 1.4 to 2.0 attached screenshots of security.yml and error page https://github.com/FriendsOfSymfony/FOSUserBundle/issues/1538 , thanks in advance. — Allahbakash.G, Oct 23 '17 at 07:46

score 0 · Answer 4 · answered Dec 13 '17 at 16:16

This took me days to sort out and was such a simple solution. Hope to save someone else some time, by posting what I did. Just had to remove

check_path: fos_user_security_login_check

My security.yml looks now like this:

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false


        main:
            pattern: ^/
            form_login:
                login_path: fos_user_security_login
                provider: fos_userbundle
                csrf_provider: security.csrf.token_manager
                default_target_path: /admin/materials/
                always_use_default_target_path: true
            logout: 
                path:   fos_user_security_logout
                target: /
            anonymous: true

    access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }

FOSUserBundle: configure the check path to be handled by the firewall using form_login

4 Answers4