Remember Me functionality not working in Symfony2

adityap picture adityap · Sep 18, 2011 · Viewed 10.7k times · Source

I have implemented remember me functionality in Symfony2. When I log in with remember me box checked, cookie named "REMEMBERME" gets created. That cookie is also available if I close browser and open it after many hours. But when I load home page of my application, the cookie gets automatically deleted and I see no user logged in. Can anyone explain me the reason for cookie deletion?

remember_me:
          key:      qwerty
          lifetime: 604800
          path:     /
          domain:   ~ 

This is my security.yml file section

EDIT: I have still not found the solution to this question...

EDIT2: Now got new problem. The REMEMBERME cookie does not get set at all. How to solve this??

SOLVED: see answer below

Answer

lucidity14 picture lucidity14 · Jun 11, 2012

Although this question has already been answered, I would like to contribute a possible solution, if only for posterity and Google search referrals for this problem :)

"The issue is simple: a remembered used does not have the IS_AUTHENTICATED_FULLY role but only IS_AUTHENTICATED_REMEMBERED to make a difference between a remembered user and a user who logged in"

Source: http://www.mail-archive.com/[email protected]/msg34021.html

What this means is that in your security configuration, you must make sure that for every ACL entry the IS_AUTHENTICATED_REMEMBERED role is configured in addition to the IS_AUTHENTICATED_FULLY role.

For example:

#app/config/security.yml
security:
    ...
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: [IS_AUTHENTICATED_FULLY,IS_AUTHENTICATED_REMEMBERED] }