Symfony 2 receiving anonymous token after basic authentication
Your dev environment is probably running PHP as mod_php while your staging server is probably running it as FastCGI. By default, the PHP_AUTH_USER
and PHP_AUTH_PW
server variables are not filled in this context when you authenticate via HTTP basic, and these are what Symfony is using to create the Security context and validate your password.
If you're running this as FCGI on Apache you can fix this. One is to force FastCGI to pass the Authorization header, which it normally suppresses. Add this to the Apache site definition next to the other FastCGI configuration options:
FcgidPassHeader Authorization
For other applications you may also need to mess around to a greater degree (as described here) but for Symfony just passing the header should be sufficient.