Fosuserbundle: /login path giving 404 in the production environment

I've the same issue

• Symfony 3.4.4
• PHP 5.6
• FOSUserBundle v2.0.2
  app/config/routing.yml:
  fos_user: resource: "@FOSUserBundle/Resources/config/routing/all.xml" options: { i18n: false }

Same here.
Did you guys managed to solve this issue ?

Symfony 3.4.11
PHP 7.0.27
FOSUserBundle 2.0.1

OK found a solution to my issue: mod_rewrite wasnt enabled on my apache's prod. ($ sudo a2enmod rewrite)
Be sure to check that if you land here from Google.

Make sure your project uses the apache pack.

composer require symfony/apache-pack

This will add an .htaccess file in your public folder

@kvandenhaute the error is not returning from the server, symfony giving this error. also, I using nginx server.

Hello, I run into this issue and I been following all the recomendation and I cannot make login or any other fosuserbundle route work.

I have a amazon lightsail server with lamp 7 installed. I have mod_rewrite active and I have follow the server configuration guide and other alternatives. I get a 500 error and a 404 some times, and a no route found when I use diferent configurations. I added the apache pack and the .htaccess as recommended and nothing works. I belive is a problem in my vhosts but I cant get what problem. other url work sometimes, the only one that is up is main index. In dev works fni

Im using symfony 4.2.2
apache 2.4.34
php 7.1.20

This is my vhost config

<VirtualHost *:80>      
    ServerAdmin [email protected]
    DocumentRoot /opt/bitnami/apache2/htdocs/bws/public
   <Directory /opt/bitnami/apache2/htdocs/bws/public>
                AllowOverride All
                Require all granted
                Allow from All

        FallbackResource /index.php

        <IfModule mod_rewrite.c>
            Options -MultiViews
            RewriteEngine On
            RewriteCond %{REQUEST_FILENAME} !-f
            RewriteRule ^(.*)$ index.php [QSA,L]
        </IfModule>
    </Directory>

    <Directory /var/www/project/public/bundles>
        FallbackResource disabled
    </Directory>

    ServerName bajawebsolutions.com
    ServerAlias www.bajawebsolutions.com
    ErrorLog "logs/bws-error_log"
    CustomLog "logs/bws-access_log" common  
</VirtualHost>

my .htaccess

<IfModule mod_rewrite.c>
    Options -MultiViews
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>

<IfModule !mod_rewrite.c>
    <IfModule mod_alias.c>
        RedirectMatch 302 ^/$ /index.php/
    </IfModule>
</IfModule>

Active modules in httpd.conf
LoadModule mpm_event_module modules/mod_mpm_event.so

#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_form_module modules/mod_auth_form.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule allowmethods_module modules/mod_allowmethods.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule cache_module modules/mod_cache.so
#LoadModule cache_disk_module modules/mod_cache_disk.so
#LoadModule cache_socache_module modules/mod_cache_socache.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
#LoadModule watchdog_module modules/mod_watchdog.so
#LoadModule macro_module modules/mod_macro.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule buffer_module modules/mod_buffer.so
#LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule request_module modules/mod_request.so
#LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule sed_module modules/mod_sed.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule mime_module modules/mod_mime.so
#LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_debug_module modules/mod_log_debug.so
#LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
#LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
#LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_express_module modules/mod_proxy_express.so
#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
#LoadModule session_module modules/mod_session.so
#LoadModule session_cookie_module modules/mod_session_cookie.so
#LoadModule session_dbd_module modules/mod_session_dbd.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule ssl_module modules/mod_ssl.so
#LoadModule http2_module modules/mod_http2.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule unixd_module modules/mod_unixd.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule info_module modules/mod_info.so
#LoadModule cgid_module modules/mod_cgid.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule php7_module        modules/libphp7.so

Composer.json

{
    "type": "project",
    "license": "proprietary",
    "require": {
        "php": "^7.1.3",
        "ext-ctype": "*",
        "ext-iconv": "*",
        "doctrine/doctrine-migrations-bundle": "^1.0",
        "friendsofsymfony/rest-bundle": "^2.5",
        "friendsofsymfony/user-bundle": "~2.0",
        "jms/serializer-bundle": "^2.4",
        "knplabs/knp-snappy-bundle": "^1.6",
        "nelmio/cors-bundle": "^1.5",
        "ninsuo/symfony-collection": "^2.1",
        "omines/datatables-bundle": "^0.2.1",
        "phpoffice/phpspreadsheet": "^1.6",
        "sensio/framework-extra-bundle": "^5.1",
        "symfony/apache-pack": "^1.0",
        "symfony/asset": "4.2.*",
        "symfony/console": "4.2.*",
        "symfony/dotenv": "4.2.*",
        "symfony/expression-language": "4.2.*",
        "symfony/flex": "^1.1",
        "symfony/form": "4.2.*",
        "symfony/framework-bundle": "4.2.*",
        "symfony/monolog-bundle": "^3.1",
        "symfony/orm-pack": "*",
        "symfony/process": "4.2.*",
        "symfony/security-bundle": "4.2.*",
        "symfony/serializer-pack": "*",
        "symfony/swiftmailer-bundle": "^3.1",
        "symfony/translation": "4.2.*",
        "symfony/twig-bundle": "4.2.*",
        "symfony/validator": "4.2.*",
        "symfony/web-link": "4.2.*",
        "symfony/webpack-encore-bundle": "^1.1",
        "symfony/yaml": "4.2.*"
    },
    "require-dev": {
        "doctrine/doctrine-fixtures-bundle": "^3.1",
        "symfony/debug-pack": "*",
        "symfony/maker-bundle": "^1.0",
        "symfony/profiler-pack": "*",
        "symfony/test-pack": "*",
        "symfony/web-server-bundle": "4.2.*"
    },
    "config": {
        "preferred-install": {
            "*": "dist"
        },
        "sort-packages": true
    },
    "autoload": {
        "psr-4": {
            "App\\": "src/"
        }
    },
    "autoload-dev": {
        "psr-4": {
            "App\\Tests\\": "tests/"
        }
    },
    "replace": {
        "paragonie/random_compat": "2.*",
        "symfony/polyfill-ctype": "*",
        "symfony/polyfill-iconv": "*",
        "symfony/polyfill-php71": "*",
        "symfony/polyfill-php70": "*",
        "symfony/polyfill-php56": "*"
    },
    "scripts": {
        "auto-scripts": {
            "cache:clear": "symfony-cmd",
            "assets:install %PUBLIC_DIR%": "symfony-cmd"
        },
        "post-install-cmd": [
            "@auto-scripts"
        ],
        "post-update-cmd": [
            "@auto-scripts"
        ]
    },
    "conflict": {
        "symfony/symfony": "*"
    },
    "extra": {
        "symfony": {
            "allow-contrib": false,
            "require": "4.2.*"
        }
    }
}

Any help would be apreciated.

Thanks.

Well, I copy the FOSUser register and login templates to my templates folder like this
_/MY-NEW-PROJECT/templates/bundles/FOSUserBundle/Security/
/MY-NEW-PROJECT/templates/bundles/FOSUserBundle/Registration/_

the file: _/templates/bundles/FOSUserBundle/Security/login_content.html.twig_ needs a very small typo fix.

1. find the line (i think, 6)
   <form action="{{ path(" fos_user_security_check") }}"="fos....

Remove the space after path(" so yo now have

<form action="{{ path("fos_user_security_check") }}"="fos_user_security_check") }}"" method="post" class="form-signin">

Like I said, this worked for me. Let me know if it works for you, too.

@hyperclock Which space are you talking about? I don't any in https://github.com/FriendsOfSymfony/FOSUserBundle/blob/855084a3a7e9ac494de9a38ba717f35a9308e5ce/Resources/views/Security/login_content.html.twig#L7

Any update for this issue ? I event try to update the package to its latest stable version (v2.1.2) in vain. Still the /login route thrown 404 page in production. Please you guys can consider this ?

@Saint-Cyr there is nothing we can do to help, as we don't have a reproducing case and not even an error message.

Thus, it looks like the discussion in this ticket actually contains several unrelated issues:

• @bcastagna had an issue with their Apache config, totally unrelated to FOSUserBundle
• @hyperclock reports weird content in a Twig template, which is not the content in our template so it looks like the template was modified
• @razeta reported that different configs are triggering a 404 or 500 error, but without any details about which configuration triggers what and what the error messages are
• you've just said I've the same issue.

Symfony FOSUserBundle versions:

• symfony 4.0.3
• FosUserBundle master

routes/fos_user.yaml

fos_user:
    resource: "@FOSUserBundle/Resources/config/routing/all.xml"
    options: { i18n: false }

no problem when I try to access /login path in the development environment.
but in the production environment, symfony giving 404 error.

@stof, This is what I reference to when I said _I've the same issue_. The only difference is that I'm using SF3.4 and FOSUserBundle v2.1.2 instead of SF4 and FOSUserBundle master as @emr did. I may (with your permission) create new issue for that please.

This is not a complete reproducer (I'm perfectly able to access my /login path in production since years, so there must be something different between your prod end and mine).

@stof thank you so much for the time you take for this issue. Please consider this composer.json file and you'll will realize that the path /login is thrown 404 exception in production environment.

{
    "name": "root/academ2",
    "license": "proprietary",
    "type": "project",
    "autoload": {
        "psr-4": {
            "AppBundle\\": "src/AppBundle",
        "UserBundle\\": "src/UserBundle"
        },
        "classmap": [
            "app/AppKernel.php",
            "app/AppCache.php"
        ]
    },
    "autoload-dev": {
        "psr-4": {
            "Tests\\": "tests/"
        },
        "files": [
            "vendor/symfony/symfony/src/Symfony/Component/VarDumper/Resources/functions/dump.php"
        ]
    },
    "require": {
        "php": ">=5.5.9",
        "cibincasso/barcode-bundle": "^1.0",
        "coresphere/console-bundle": "^0.5.0",
        "doctrine/doctrine-bundle": "^1.6",
        "doctrine/doctrine-fixtures-bundle": "^3.0",
        "doctrine/orm": "^2.5",
        "friendsofsymfony/user-bundle": "v2.1.2",
        "hautelook/alice-bundle": "v1.4.1",
        "incenteev/composer-parameter-handler": "^2.0",
        "knplabs/knp-snappy": "v1.0.4",
        "league/csv": "^8.2",
        "sensio/distribution-bundle": "^5.0.19",
        "sensio/framework-extra-bundle": "^5.0.0",
        "sonata-project/admin-bundle": "3.49",
        "sonata-project/block-bundle": "3.11",
        "sonata-project/core-bundle": "3.15",
        "sonata-project/datagrid-bundle": "2.3.1",
        "sonata-project/doctrine-orm-admin-bundle": "3.4.1",
        "sonata-project/exporter": "1.11",
        "symfony/apache-pack": "^1.0",
        "symfony/monolog-bundle": "^3.1.0",
        "symfony/polyfill-apcu": "^1.0",
        "symfony/swiftmailer-bundle": "^2.6.4",
        "symfony/symfony": "3.4.*",
        "twig/twig": "^v2.9.0"
    },
    "require-dev": {
        "sensio/generator-bundle": "^3.0",
        "symfony/phpunit-bridge": "^5.0"
    },
    "scripts": {
        "symfony-scripts": [
            "Incenteev\\ParameterHandler\\ScriptHandler::buildParameters",
            "Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::buildBootstrap",
            "Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::clearCache",
            "Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installAssets",
            "Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installRequirementsFile",
            "Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::prepareDeploymentTarget"
        ],
        "post-install-cmd": [
            "@symfony-scripts"
        ],
        "post-update-cmd": [
            "@symfony-scripts"
        ]
    },
    "config": {
        "sort-packages": true
    },
    "extra": {
        "symfony-app-dir": "app",
        "symfony-bin-dir": "bin",
        "symfony-var-dir": "var",
        "symfony-web-dir": "web",
        "symfony-tests-dir": "tests",
        "symfony-assets-install": "relative",
        "incenteev-parameters": {
            "file": "app/config/parameters.yml"
        },
        "branch-alias": null
    }
}

well, a composer.json alone is still not a reproducing case, unless you make it include a composer plugin which creates everything else in the project to have a running example

well, a composer.json alone is still not a reproducing case, unless you make it include a composer plugin which creates everything else in the project to have a running example

@stof , following are the config I made for my App
app/config/routing.yml

fos_user:
        resource: "@FOSUserBundle/Resources/config/routing/all.xml"

app/config/config.yml

fos_user:
    db_driver: orm
    firewall_name: main
    user_class: UserBundle\Entity\User
    registration:
        form:
            type: UserBundle\Form\RegistrationType
    from_email:
        address: [email protected]
        sender_name: AppName

and finally app/config/security.yml

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: auto

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern:  ^/
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
                # if you are using Symfony < 2.8, use the following config instead:
                # csrf_provider: form.csrf_provider
            logout:       true
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        #- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        #- { path: ^/admin/, role: ROLE_LEVEL1 }
        - { path: ^/report, role: ROLE_SUPER_ADMIN }
        - { path: ^/pos_barcode, role: ROLE_SELLER }
        - { path: ^/pos2, role: ROLE_SELLER }
        - { path: ^/pos, role: ROLE_SELLER }

I found a turn around to solve the issue (access all the FOSUserBundle routes in production env) even though it is realy dirty :
When the App is ready for deployement, I change $kernel = new AppKernel('dev', true); to $kernel = new AppKernel('prod', true); from the file web/app_dev.php. however, please let me know if by this way, I may face any regression issue or I could do it better by updating the web/app.php file. I remember that the content of app.php is actually :

<?php

use Symfony\Component\HttpFoundation\Request;

require __DIR__.'/../vendor/autoload.php';
if (PHP_VERSION_ID < 70000) {
    include_once __DIR__.'/../var/bootstrap.php.cache';
}

$kernel = new AppKernel('prod', false);
if (PHP_VERSION_ID < 70000) {
    $kernel->loadClassCache();
}
//$kernel = new AppCache($kernel);

// When using the HttpCache, you need to call the method in your front controller instead of relying on the configuration parameter
//Request::enableHttpMethodParameterOverride();
$request = Request::createFromGlobals();
$response = $kernel->handle($request);
$response->send();
$kernel->terminate($request, $response);

This looks unrelated to FOSUserBundle here, and more related to the setup of your Symfony project or your webserver.

Note that the second argument of the kernel constructor is the debug mode of Symfony. In production, you really don't want to run in debug mode as that adds lots of performance overhead. But remember that the non-debug mode requires explicit cache clearing during the deployment process as cache is not cleared automatically (which is one of the major source of performance overhead in debug mode)

Thank you @stof. Howhever, it does not sound peacefull in my mind up to now, unless I can figure out what is wrong with my web/app.php file while I never edit it (I may did it unintentionally).