Tags: php, symfony, symfony6, simplesamlphp

Symfony 6.3.12: programmatic login with user info from SimpleSAMLphp not working


<?php

namespace App\Controller;

use App\Entity\Zuser; // the application's user entity (namespace assumed)
use Doctrine\ORM\EntityManagerInterface;
use Psr\Log\LoggerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Bundle\SecurityBundle\Security;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Http\Authentication\UserAuthenticatorInterface;

class SamlController extends AbstractController
{
    private LoggerInterface $logger;
    private EntityManagerInterface $entityManager;
    private UserPasswordHasherInterface $userPasswordHasher;
    private UserAuthenticatorInterface $userAuthenticator;

    public function __construct(LoggerInterface $logger, EntityManagerInterface $entityManager, UserPasswordHasherInterface $userPasswordHasher, UserAuthenticatorInterface $userAuthenticator)
    {
        $this->logger = $logger;
        $this->entityManager = $entityManager;
        $this->userPasswordHasher = $userPasswordHasher;
        $this->userAuthenticator = $userAuthenticator;
    }

    #[Route('/saml/login', name: 'saml_login')]
    public function saml(Request $request, Security $security, string $sp = "default-sp"): Response
    {
        // Ask SimpleSAMLphp for the asserted attributes (redirects to the IdP when needed).
        $userInfo = $this->samlMSAuth($sp);

        // Look the user up by e-mail. The address is hardcoded here for testing;
        // the intent is to use $userInfo['Email'].
        $user = $this->entityManager->getRepository(Zuser::class)->findOneBy(['email' => 'email@example.com']);
        if (null === $user) {
            throw $this->createAccessDeniedException('No local account for this SAML identity.');
        }

        // Log the user in programmatically on the "main" firewall.
        $security->login($user, 'security.authenticator.form_login.main', 'main');

        return $this->redirect('/home');
    }

    #[Route('/saml/logout', name: 'saml_logout')]
    public function samlLogout(Security $security): Response
    {
        $security->logout(false);

        return $this->redirectToRoute('saml_login');
    }

    /**
     * Authenticate against the configured SP and return the claims we need.
     *
     * @return array{Email: string, Surname: string, Givenname: string}
     */
    public function samlMSAuth(string $sp = "default-sp"): array
    {
        $as = new \SimpleSAML\Auth\Simple($sp);
        $as->requireAuth(); // redirects to the IdP (Microsoft) and back if not yet authenticated
        $attributes = $as->getAttributes();
        $email = $attributes['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'];
        $surname = $attributes['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname'];
        $givenname = $attributes['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname'];

        // Each SAML attribute is a list of values; take the first one.
        $userInfo = [
            "Email" => $email[0],
            "Surname" => $surname[0],
            "Givenname" => $givenname[0],
        ];

        return $userInfo;
    }
}

When using $userInfo = $this->samlMSAuth($sp); to obtain the user info (the email for the database search), if you render a page as the return value, the Symfony Debugger shows that the user is logged in.

But when you navigate to other pages, the user is no longer logged in.

But if you remove $userInfo = $this->samlMSAuth($sp);, hardcode the email and log in programmatically, the user persists through all pages.

        $as = new \SimpleSAML\Auth\Simple($sp);
        $as->requireAuth();

The code above redirects to the Microsoft login page and back to the web app. Even if the session got messed up, a new session is created after login, so why does it not persist?

The session before login is empty. I tried $request->getSession()->set('_security_main', serialize($token));

The session should persist during the redirect, but somehow it doesn't.

But if you remove $userInfo = $this->samlMSAuth($sp);, so that there is no external redirect, everything works.

How do I resolve this problem?


Solution

  • Fixed: make sure Symfony shares the same session name with SimpleSAMLphp...
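A worked version of that fix, added here and not part of the question or the answer: the two session settings that have to agree, plus an attribute fetch that hands the PHP session back to the application before Symfony writes the token and refuses to proceed when a claim is missing. It assumes the Azure AD claim URIs from the question and SimpleSAMLphp's phpsession store; the cleanup() call is SimpleSAMLphp's documented API for applications that use PHP sessions, and the class name SamlAttributes is invented for the example.

```php
<?php
// Added example, not the asker's or SimpleSAMLphp's code. Claim URIs are the
// ones from the question; the session settings below are the settings that
// must agree between Symfony and SimpleSAMLphp (the value PHPSESSID is an assumption).
//
//   config/packages/framework.yaml        simplesamlphp/config/config.php
//   framework:                            'store.type' => 'phpsession',
//       session:                          'session.phpsession.cookiename' => 'PHPSESSID',
//           name: PHPSESSID
//
// With different names SimpleSAMLphp's session_start() replaces the Symfony
// session, so the token written by $security->login() lands in a session the
// next request never reads.

use SimpleSAML\Auth\Simple;
use SimpleSAML\Session;

final class SamlAttributes
{
    private const CLAIM_BASE = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/';

    /** @return array{Email: string, Surname: string, Givenname: string} */
    public static function fetch(string $sp = 'default-sp'): array
    {
        $as = new Simple($sp);
        $as->requireAuth();                 // redirects to the IdP if not yet authenticated
        $attributes = $as->getAttributes();

        // Documented SimpleSAMLphp API: restore the application's own PHP session
        // before control returns to Symfony and the security token is written.
        Session::getSessionFromRequest()->cleanup();

        return [
            'Email'     => self::required($attributes, 'name'),
            'Surname'   => self::required($attributes, 'surname'),
            'Givenname' => self::required($attributes, 'givenname'),
        ];
    }

    /** Fail closed: a missing or empty claim must not turn into a lookup on null or ''. */
    private static function required(array $attributes, string $claim): string
    {
        $values = $attributes[self::CLAIM_BASE . $claim] ?? [];
        if (!isset($values[0]) || '' === $values[0]) {
            throw new \RuntimeException(sprintf('SAML assertion lacks claim "%s"', $claim));
        }
        return $values[0];
    }
}
```

The controller then calls SamlAttributes::fetch($sp) in place of samlMSAuth() and passes $userInfo['Email'] to the repository lookup.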