> Yeah, it's all much clearer now, spent some time with Johannes to
> understand some of the internals of the security component.
> It really helps to understand the actual code under the hood, rather than
> just what you should do to make something work.

> We are doing a little more than described here, am trying to find time to
> document it, but this should do for most people for now.

> Thanks,
> Chris

> On 23 August 2012 21:33, marcoiai <marco.a.si...@gmail.com> wrote:

>> Hi. Its seamless. All you need to do is implement UserInterface.

>> There you will return your field that act as username and password, above
>> other fields (check provided links at the bottom).

>> Then, at your security.yml, theres a section like this (only to ilustrate
>> the example):

>> providers:
>>         administrators:
>>             entity: { class: EnovaEntitiesBundle:Entidades, property:
>> usuario }

>> secured_area:
>>             pattern:    ^/
>>             form_login:
>>                 intention:  authenticate
>>                 check_path: /login_check
>>                 login_path: /login
>>                 failure_path: /login
>>                 default_target_path: /agenda
>>                 always_use_default_target_path: true
>>                 username_parameter:   usuario
>>                 password_parameter:   senha

>> Look like i changed password_parameter to "senha", my field that holds
>> the password. The key here is the config of security.yml. You create a void
>> routing rule named /login_check, this is where the magic happens. The
>> security layer intercepts your call to login_check route (this is the url
>> that your login_form will post) and using your entity (in my case
>> EnovaEntitiesBundle:Entidades) will do the password check for you. Dont
>> forget to mantain one firewall to all configuration of security.yml.

>> Read these links:
>> http://symfony.com/doc/current/cookbook/security/entity_provider.html
>> http://symfony.com/doc/current/book/security.html
>> http://symfony.com/doc/current/cookbook/security/form_login.html

>> Em sexta-feira, 24 de fevereiro de 2012 09h21min53s UTC-2, Chris Sedlmayr
>> escreveu:

>>> Still a bit stuck here;

>>> I'm not sure where the actual auth call to the API should be, of course
>>> there is a loadByUsername() function in my UserProvider class, but this is
>>> only to load the user, not authenticate using the password.
>>> The auth must be done at the API level, the API does not return a
>>> password for me to compare, I pass it a password and it does the check then
>>> returns to me the result of the check.

>>> How should I implement this?

>>  --
>> If you want to report a vulnerability issue on symfony, please send it to
>> security at symfony-project.com

>> You received this message because you are subscribed to the Google
>> Groups "Symfony2" group.
>> To post to this group, send email to symfony2@googlegroups.com
>> To unsubscribe from this group, send email to
>> symfony2+unsubscribe@googlegroups.com
>> For more options, visit this group at
>> http://groups.google.com/group/symfony2?hl=en

>  --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com

> You received this message because you are subscribed to the Google
> Groups "Symfony2" group.
> To post to this group, send email to symfony2@googlegroups.com
> To unsubscribe from this group, send email to
> symfony2+unsubscribe@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/symfony2?hl=en