Exception : Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken::serialize() must return a string or NULL

I have encountered something similar, and after some research, I tried the same things as you did.

But at some point, I found out that by setting the __sleep method, every thing worked fine.

class User implements PlayerInterface{    /**     * @var integer $id     *     * @ORM\Column(name="id", type="integer")     * @ORM\Id     * @ORM\GeneratedValue(strategy="AUTO")     */    private $id;...    public function __sleep()    {        return array('id');    }...

• Make sure that the field which is defined as @ORM\Id is part of the returned array.
• Make sure to drop the browser cookie, since it uses the session.

I don't know exactly why it causes this when setting up a new association (mine was a ManyToMany), but It probably originate from this place:

// see Symfony\Component\Security\Http\Firewall\ContextListener::onKernelResponse()...        $event->getRequest()            ->getSession()            ->set('_security_'.$this->contextKey, serialize($token));...

Hope this could help someone.

Edit:

References:

• http://forum.symfony-project.org/viewtopic.php?f=23&t=35764
• http://translate.google.com/translate?hl=en&sl=es&u=http://jonsegador.com/2012/03/error-con-symfony2-you-cannot-refresh-a-user-from-the-entityuserprovider-that-does-not-contain-an-identifier/

For me only this worked:

class User implements UserInterface

to

class User implements UserInterface, \Serializable

and I needed to add following methods to User class:

public function serialize() {    return serialize($this->username);}public function unserialize($data) {    $this->username = unserialize($data);}

There is another possibility to solve this issue. You have to make the visibility of all properties of the entities which are associated with your user to 'protected'

See: http://www.metod.si/symfony2-error-usernamepasswordtokenserialize-must-return-a-string-or-null/