I have implemented remember me functionality in Symfony2. When I log in with remember me box checked, cookie named "REMEMBERME" gets created. That cookie is also available if I close browser and open it after many hours. But when I load home page of my application, the cookie gets automatically deleted and I see no user logged in. Can anyone explain me the reason for cookie deletion?
remember_me:
key: qwerty
lifetime: 604800
path: /
domain: ~
This is my security.yml file section
EDIT: I have still not found the solution to this question...
EDIT2: Now got new problem. The REMEMBERME cookie does not get set at all. How to solve this??
SOLVED: see answer below
Although this question has already been answered, I would like to contribute a possible solution, if only for posterity and Google search referrals for this problem :)
"The issue is simple: a remembered used does not have the IS_AUTHENTICATED_FULLY role but only IS_AUTHENTICATED_REMEMBERED to make a difference between a remembered user and a user who logged in"
Source: http://www.mail-archive.com/[email protected]/msg34021.html
What this means is that in your security configuration, you must make sure that for every ACL entry the IS_AUTHENTICATED_REMEMBERED role is configured in addition to the IS_AUTHENTICATED_FULLY role.
For example:
#app/config/security.yml
security:
...
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: [IS_AUTHENTICATED_FULLY,IS_AUTHENTICATED_REMEMBERED] }