I have a Symfony2 application that loads users from in_memory
user provider. The security.yml
is the following:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
users:
admin: { password: mypassword, roles: [ 'ROLE_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/demo/secured/login$
security: false
secured_area:
pattern: ^/
anonymous: ~
http_basic:
realm: "MyApp Realm - Login"
access_control:
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
#- { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
- { path: ^/subscription/show, roles: ROLE_ADMIN }
- { path: ^/send, roles: ROLE_ADMIN }
In my local development environment (a Mac Book Pro) this configuration works as expected. When I go to routes _/send_
or _/subscription/show_
, Symfony asks me for login and if I enter credentials admin and mypassword I can view pages correctly.
But in production environment (a Debian server) I have to perform login to see that routes but the same username and password doesn't work! The HTTP basic authentication login prompt never go away! I can't understand.
Why that configuration doesn't work? And overall why in my local environment it works and in the production environment it doesn't?
I also see a question I suppose it is related to: Symfony2 plaintext users don't work. I already tried all suggestions listed there but any of them solve the problem.