AuthenticationException A Token was not found in the TokenStorage?

Question

I've upgraded to Symfony 5, I faced an issue with security I am not able to open the login page. when I access the public folder from localhost it's redirecting me to

.../public/login with 404 header

I am using PHP 8.0.8 on MAMP pro mac version.

Did I miss something in security.yaml?

framework.yaml

# see https://symfony.com/doc/current/reference/configuration/framework.html
framework:
    secret: '%env(APP_SECRET)%'
    #csrf_protection: true
    #http_method_override: true

    # Enables session support. Note that the session will ONLY be started if you read or write from it.
    # Remove or comment this section to explicitly disable session support.
    session:
        handler_id: 'session.handler.native_file'
        save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
        cookie_secure: true 
        cookie_samesite: 'none'
#        cookie_secure: auto
#        cookie_samesite: lax

    #esi: true
    #fragments: true
    php_errors:
        log: true

security.yaml

security:
    encoders:
        App\Entity\User:
            algorithm: auto

    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: false
            lazy: false
            provider: app_user_provider
            guard:
                authenticators:
                    - App\Security\LoginFormAuthenticator
            logout:
                path: app_logout
                # where to redirect after logout
                # target: app_any_route

            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#firewalls-authentication

            # https://symfony.com/doc/current/security/impersonating_user.html
            # switch_user: true

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        # - { path: ^/admin, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }
        - { path: ^/efconnect, role: ROLE_USER }
        - { path: ^/elfinder, role: ROLE_USER }
    

The error log :

[2021-08-21T09:44:38.264832+00:00] request.INFO: Matched route "app_process_process_show". {"route":"app_process_process_show","route_parameters":{"_route":"app_process_process_show","_controller":"App\\Controller\\ProcessBundle\\ProcessController::show"},"request_uri":"http://localhost:8888/site/public/","method":"GET"} []
[2021-08-21T09:44:38.270837+00:00] security.DEBUG: Checking for guard authentication credentials. {"firewall_key":"main","authenticators":1} []
[2021-08-21T09:44:38.270998+00:00] security.DEBUG: Checking support on guard authenticator. {"firewall_key":"main","authenticator":"App\\Security\\LoginFormAuthenticator"} []
[2021-08-21T09:44:38.271146+00:00] security.DEBUG: Guard authenticator does not support the request. {"firewall_key":"main","authenticator":"App\\Security\\LoginFormAuthenticator"} []
[2021-08-21T09:44:38.289628+00:00] security.INFO: An AuthenticationException was thrown; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AuthenticationCredentialsNotFoundException(code: 0): A Token was not found in the TokenStorage. at /Users/xx/Documents/Sites/site/vendor/symfony/security-http/Firewall/AccessListener.php:70)"} []
[2021-08-21T09:44:38.289822+00:00] security.DEBUG: Calling Authentication entry point. [] []

Answer 1

Your config says that you don't accept anonymous users. Your only Guard does not support the current request. So since unauthorised users are not allowed and we cannot authorise the request, this exception is thrown.

Solve it by doing anonymous: true.