@@ -171,7 +171,7 @@ focus on the most important methods that come from the
171171
172172note ::
173173
174- When implementing the
174+ If you choose to implement
175175:class: `Symfony\\ Component\\ Security\\ Core\\ User\\ EquatableInterface `,
176176 you determine yourself which properties need to be compared to distinguish
177177 your user objects.
@@ -198,35 +198,27 @@ interface forces the class to implement the five following methods:
198198
199199For more details on each of these, see:class: `Symfony\\ Component\\ Security\\ Core\\ User\\ UserInterface `.
200200
201- ..versionadded ::2.1
202- In Symfony 2.1, the ``equals `` method was removed from ``UserInterface ``.
203- If you need to override the default implementation of comparison logic,
204- implement the new:class: `Symfony\\ Component\\ Security\\ Core\\ User\\ EquatableInterface `
205- interface and implement the ``isEqualTo `` method.
206-
207- ..code-block ::php
208-
209- // src/Acme/UserBundle/Entity/User.php
210-
211- namespace Acme\UserBundle\Entity;
212-
213- use Symfony\Component\Security\Core\User\EquatableInterface;
214-
215- // ...
216-
217- public function isEqualTo(UserInterface $user)
218- {
219- return $this->id === $user->getId();
220- }
221-
222- note ::
201+ ..sidebar ::What is the importance of serialize and unserialize?
223202
224203 The:phpclass: `Serializable ` interface and its ``serialize `` and ``unserialize ``
225204 methods have been added to allow the ``User `` class to be serialized
226205 to the session. This may or may not be needed depending on your setup,
227- but it's probably a good idea. Only the ``id `` needs to be serialized,
228- because the:method: `Symfony\\ Bridge\\ Doctrine\\ Security\\ User\\ EntityUserProvider::refreshUser `
229- method reloads the user on each request by using the ``id ``.
206+ but it's probably a good idea. The ``id `` is the most important value
207+ that needs to be serialized because the
208+ :method: `Symfony\\ Bridge\\ Doctrine\\ Security\\ User\\ EntityUserProvider::refreshUser `
209+ method reloads the user on each request by using the ``id ``. In practice,
210+ this means that the User object is reloaded from the database on each
211+ request using the ``id `` from the serialized object. This makes sure
212+ all of the User's data is fresh.
213+
214+ Symfony also uses the ``username ``, ``salt ``, and ``password `` to verify
215+ that the User has not changed between requests. Failing to serialize
216+ these may cause you to be logged out on each request. If your User implements
217+ :class: `Symfony\\ Component\\ Security\\ Core\\ User\\ EquatableInterface `,
218+ then instead of these properties being checked, your ``isEqualTo `` method
219+ is simply called, and you can check whatever properties you want. Unless
220+ you understand this, you probably *won't * need to implement this interface
221+ or worry about it.
230222
231223Below is an export of the ``User `` table from MySQL with user ``admin `` and
232224password ``admin `` (which has been encoded). For details on how to create