Hi, We have recently updated from Beta1 to Final Release of Symfony and we are facing a change related to login functionality.
What we want to do is login directly calling the login action of the Security Bundle. This is useful if you want to access to the application from a mobile app. In Beta1 version was really easy, just calling the login action and done. In Release version it doesn't work. We can login from our login webpage but not from a mobile app which calls the login action directly. After some research we are figure out that the problem is that when the webpage loads it recieves a cookie from Symfony2. Without this first cookie the login can't be performed. Obviously when we make a direct call to the login action from our mobile app we don't have this cookie. We are quite sure that this is the problem because if we delete manually the cookie after the webpage loads the login doesn't work on the webpage. Is that a bug or there are any security reason for that change? Regards Cristian -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
