Hi all, I'm developping an application as an API: making requests returns simple xml or json files, but I need to save some properties in session. All available documentation is form login oriented. I got authentication getting a connection to a database, using doctrine ORM. If is a valid login, result will be a xml/json with success as content.
Login is accessed like http://server/login/<username>/<password>/<format> logout like http://server/logout/<format> and acount like http://server/account/<resource>/<format>. So i got a problem: I can't handle with session storage of symfony, because in each request I got a new session id; Does anyone know: 1. how I can get a ROLE_USER (or similar) after received a success login 2. how I can get all information from session when I access to the account with a valid login 3. how I can invalidate session in logout resource. 4. Which Is the best configuration in security for this situation!? Cheers, Filipe Dias -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en