Session-less authenticators and user providers #11

weaverryan opened this Issue Aug 7, 2015 · 0 comments


None yet
1 participant

weaverryan commented Aug 7, 2015

This might be a documentation issue:

A) set stateless: false under your firewall if none of your authenticators use the session

B) If you have a stateless firewall, then all UserInterface objects must have a user provider (even if your UserProvider just throws a UsernameNotFoundException in refreshUser() because it basically doesn't support session-based stuff.

Overall, my examples show an entity user provider, but if you don't use that - or have some other crazy situation, you will need a user provider, if only because it's required by Symfony.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment