Handler fingers_crossed set to "error" in production prevents login in Symfony 7 without any error

[gremo]

This is one of the most strange thing I've found in years, being a Symfony developer since version 2.

With Symfony 7 and the following production configuration (untouched, installed by Flex), I'm not able to login to my firewall:

when@prod:
    monolog:
        handlers:
            main:
                type: fingers_crossed
                action_level: debug
                handler: nested
                excluded_http_codes: [404, 405]
                buffer_size: 50 # How many messages should be saved? Prevent memory leaks
            nested:
                type: stream
                path: php://stderr
                level: debug
                formatter: monolog.formatter.json
            console:
                type: console
                process_psr_3_messages: false
                channels: ['!event', '!doctrine']
            deprecation:
                type: stream
                channels: [deprecation]
                path: php://stderr
                formatter: monolog.formatter.json

I've found, by chance, that changing the action_level: error to action_level: debug solve the issue (maybe other levels works too). The problem occurs only in production (of course, since that handler is not used in development).

Here is a short video of the behaviour (username/password are valid credentials):

I realize that debugging is very hard in this case, as a lot of sub-systems are involved. Mine it's just a simple and play login form, with a database user provider, like explained in the documentation. I'll try to digg further to try to figure out what's going on.

EDIT what I've found so far:

• Here AuthenticatorManagerListener the response is correctly set
• Here AuthenticatorManager the token it's ok

symfony/apache-pack                v1.0.1  A pack for Apache support in Symfony
symfony/asset                      v7.0.3  Manages URL generation and versioning of web assets such as CSS stylesheets, JavaScript file...
symfony/browser-kit                v7.0.3  Simulates the behavior of a web browser, allowing you to make requests, click on links and s...
symfony/cache                      v7.0.3  Provides extended PSR-6, PSR-16 (and tags) implementations
symfony/cache-contracts            v3.4.0  Generic abstractions related to caching
symfony/clock                      v7.0.3  Decouples applications from the system clock
symfony/config                     v7.0.3  Helps you find, load, combine, autofill and validate configuration values of any kind
symfony/console                    v7.0.3  Eases the creation of beautiful and testable command line interfaces
symfony/css-selector               v7.0.3  Converts CSS selectors to XPath expressions
symfony/debug-bundle               v7.0.3  Provides a tight integration of the Symfony VarDumper component and the ServerLogCommand fro...
symfony/dependency-injection       v7.0.3  Allows you to standardize and centralize the way objects are constructed in your application
symfony/deprecation-contracts      v3.4.0  A generic function and convention to trigger deprecation notices
symfony/doctrine-bridge            v7.0.3  Provides integration for Doctrine with various Symfony components
symfony/doctrine-messenger         v7.0.3  Symfony Doctrine Messenger Bridge
symfony/dom-crawler                v7.0.3  Eases DOM navigation for HTML and XML documents
symfony/dotenv                     v7.0.3  Registers environment variables from a .env file
symfony/error-handler              v7.0.3  Provides tools to manage errors and ease debugging PHP code
symfony/event-dispatcher           v7.0.3  Provides tools that allow your application components to communicate with each other by disp...
symfony/event-dispatcher-contracts v3.4.0  Generic abstractions related to dispatching event
symfony/expression-language        v7.0.3  Provides an engine that can compile and evaluate expressions
symfony/filesystem                 v7.0.3  Provides basic utilities for the filesystem
symfony/finder                     v7.0.0  Finds files and directories via an intuitive fluent interface
symfony/flex                       v2.4.4  Composer plugin for Symfony
symfony/form                       v7.0.3  Allows to easily create, process and reuse HTML forms
symfony/framework-bundle           v7.0.3  Provides a tight integration between Symfony components and the Symfony full-stack framework
symfony/http-client                v7.0.3  Provides powerful methods to fetch HTTP resources synchronously or asynchronously
symfony/http-client-contracts      v3.4.0  Generic abstractions related to HTTP clients
symfony/http-foundation            v7.0.3  Defines an object-oriented layer for the HTTP specification
symfony/http-kernel                v7.0.3  Provides a structured process for converting a Request into a Response
symfony/intl                       v7.0.3  Provides access to the localization data of the ICU library
symfony/mailer                     v7.0.3  Helps sending emails
symfony/maker-bundle               v1.55.1 Symfony Maker helps you create empty commands, controllers, form classes, tests and more so ...
symfony/messenger                  v7.0.3  Helps applications send and receive messages to/from other applications or via message queues
symfony/mime                       v7.0.3  Allows manipulating MIME messages
symfony/monolog-bridge             v7.0.3  Provides integration for Monolog with various Symfony components
symfony/monolog-bundle             v3.10.0 Symfony MonologBundle
symfony/notifier                   v7.0.3  Sends notifications via one or more channels (email, SMS, ...)
symfony/options-resolver           v7.0.0  Provides an improved replacement for the array_replace PHP function
symfony/password-hasher            v7.0.3  Provides password hashing utilities
symfony/phpunit-bridge             v7.0.3  Provides utilities for PHPUnit, especially user deprecation notices management
symfony/polyfill-intl-grapheme     v1.29.0 Symfony polyfill for intl's grapheme_* functions
symfony/polyfill-intl-icu          v1.29.0 Symfony polyfill for intl's ICU-related data and classes
symfony/polyfill-intl-idn          v1.29.0 Symfony polyfill for intl's idn_to_ascii and idn_to_utf8 functions
symfony/polyfill-intl-normalizer   v1.29.0 Symfony polyfill for intl's Normalizer class and related functions
symfony/polyfill-mbstring          v1.29.0 Symfony polyfill for the Mbstring extension
symfony/polyfill-php83             v1.29.0 Symfony polyfill backporting some PHP 8.3+ features to lower PHP versions
symfony/polyfill-uuid              v1.29.0 Symfony polyfill for uuid functions
symfony/process                    v7.0.3  Executes commands in sub-processes
symfony/property-access            v7.0.3  Provides functions to read and write from/to an object or array using a simple string notation
symfony/property-info              v7.0.3  Extracts information about PHP class' properties using metadata of popular sources
symfony/routing                    v7.0.3  Maps an HTTP request to a set of configuration variables
symfony/runtime                    v7.0.3  Enables decoupling PHP applications from global state
symfony/security-bundle            v7.0.3  Provides a tight integration of the Security component into the Symfony full-stack framework
symfony/security-core              v7.0.3  Symfony Security Component - Core Library
symfony/security-csrf              v7.0.3  Symfony Security Component - CSRF Library
symfony/security-http              v7.0.3  Symfony Security Component - HTTP Integration
symfony/serializer                 v7.0.3  Handles serializing and deserializing data structures, including object graphs, into array s...
symfony/service-contracts          v3.4.1  Generic abstractions related to writing services
symfony/stimulus-bundle            v2.15.0 Integration with your Symfony app & Stimulus!
symfony/stopwatch                  v7.0.3  Provides a way to profile code
symfony/string                     v7.0.3  Provides an object-oriented API to strings and deals with bytes, UTF-8 code points and graph...
symfony/translation                v7.0.3  Provides tools to internationalize your application
symfony/translation-contracts      v3.4.1  Generic abstractions related to translation
symfony/twig-bridge                v7.0.3  Provides integration for Twig with various Symfony components
symfony/twig-bundle                v7.0.3  Provides a tight integration of Twig into the Symfony full-stack framework
symfony/uid                        v7.0.3  Provides an object-oriented API to generate and represent UIDs
symfony/ux-live-component          v2.15.0 Live components for Symfony
symfony/ux-twig-component          v2.15.0 Twig components for Symfony
symfony/ux-typed                   v2.15.0 Typed integration for Symfony
symfony/validator                  v7.0.3  Provides tools to validate values
symfony/var-dumper                 v7.0.3  Provides mechanisms for walking through any arbitrary PHP variable
symfony/var-exporter               v7.0.3  Allows exporting any serializable PHP data structure to plain PHP code
symfony/web-profiler-bundle        v7.0.3  Provides a development tool that gives detailed information about the execution of any request
symfony/webpack-encore-bundle      v2.1.1  Integration with your Symfony app & Webpack Encore!
symfony/yaml                       v7.0.3  Loads and dumps YAML files

[gremo]

Unable to solve this issue. Does anyone have an idea?

[gremo]

Another update, which I hope will demostrate that something is going wrong between monolog and the security system.

If I comment out this line: https://github.com/Seldaek/monolog/blob/main/src/Monolog/Handler/FingersCrossedHandler.php#L140

$this->getHandler($record)->handle($record);

I can't login anymore in production even changing the activation strategy.

In a similar way, if I always call $this->getHandler($record)->handle($record), I will login without problems, despite the activation strategy.

@stof are you able to get into this?

[gremo]

Closing in favor of symfony/symfony#54641