[SOLVED] Symfony fails to load route post upgrade to Pimcore v11

Symfony fails to load route post upgrade to Pimcore v11

Currently upgraded from Pimcore 10.6.9 to Pimcore 11

the command bin/console --ansi cache:clear used to display errors that I have fixed. Now that the command executed successfully , I am stuck at loading the home page and the admin page routes.

I get the following errors

while loading /

UnexpectedSessionUsageException [HTTP 500 Internal Server Error]

Session was used while the request was declared stateless.

while loading /admin

AccessDeniedException - InsufficientAuthenticationException - HttpException [ HTTP 401 Unauthorized]

Full authentication is required to access this resource.

Currently using Symfony 6.3.7

I am unable to determine where the issue lies.

Here is a sample of my security.yaml file located at pomodoro\config\packages\security.yaml

`security: enable_authenticator_manager: true

providers:
    pimcore_admin:
        id: Pimcore\Security\User\UserProvider

firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    pimcore_admin_webdav:
        pattern: ^/admin/asset/webdav
        provider: pimcore_admin
        http_basic: ~

    pimcore_admin:
        pattern: ^/admin(/.*)?$
        stateless: true
        provider: pimcore_admin
        login_throttling:
            max_attempts: 3
            interval: '5 minutes'

        logout:
            path: pimcore_admin_logout
            target: pimcore_admin_login
        custom_authenticators:
            - Pimcore\Bundle\AdminBundle\Security\Authenticator\AdminTokenAuthenticator
        two_factor:
            auth_form_path: /admin/login/2fa                   # Path or route name of the two-factor form
            check_path: /admin/login/2fa-verify                # Path or route name of the two-factor code check
            default_target_path: /admin            # Where to redirect by default after successful authentication
            always_use_default_target_path: false  # If it should always redirect to default_target_path
            auth_code_parameter_name: _auth_code   # Name of the parameter for the two-factor authentication code
            trusted_parameter_name: _trusted       # Name of the parameter for the trusted device option
            multi_factor: false                    # If ALL active two-factor methods need to be fulfilled (multi-factor authentication)

access_control:
    # Pimcore admin ACl  // DO NOT CHANGE!
    - { path: ^/admin/settings/display-custom-logo, roles: PUBLIC_ACCESS }
    - { path: ^/admin/login/2fa-verify, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS}
    - { path: ^/admin/login/2fa, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS}
    - { path: ^/admin/login$, roles: PUBLIC_ACCESS }
    - { path: ^/admin/login/(login|lostpassword|deeplink|csrf-token)$, roles: PUBLIC_ACCESS }
    - { path: ^/admin, roles: ROLE_PIMCORE_USER }

role_hierarchy:
    # Pimcore admin  // DO NOT CHANGE!
    ROLE_PIMCORE_ADMIN: [ROLE_PIMCORE_USER]

Solution

set security.firewalls.pimcore_admin: '%pimcore_admin_bundle.firewall_settings%'