
I want to:

  1. Remove the public credentials admin/password from the Gentelella login process in prod env, and

  2. Be able to log in with created users in prod env

I use the skeleton for Symfony provided here.

Right now it looks like this:

  1. I can still log in in prod env although no user "admin" is left in my database table for fosUserBundle.

  2. Upon login with valid credentials for a user, I get a 403 - Access Denied page. This user was added using the command line tools and promoted to ROLE_ADMIN.

I think I'm missing something simple but crucial here.

What I've tried:

  • In dev env (/app_dev.php/login) everything works fine: I cannot log in with admin/password, but I can log in with newly created users.

  • No user "admin" left in the database

  • Flushed the caches, for prod and for env

  • I searched all files in the project folder for "admin" and "password", but I cannot find any hardcoded login data, only the mention in templates/twig

  • I cannot find any documentation about this - of course I may be searching for the wrong things

Edit2: security.yml

# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
    in_memory:
        memory: ~
    fos_userbundle:
        id: fos_user.user_provider.username

firewalls:
    # disables authentication for assets and the profiler, adapt it according to your needs

    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    main:
        anonymous: ~

        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_token_generator: security.csrf.token_manager
            # if you are using Symfony < 2.8, use the following config instead:
            # csrf_provider: form.csrf_provider

        logout:       true
        anonymous:    true

        # activate different ways to authenticate

        # http_basic: ~
        # http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate

        # form_login: ~
        # http://symfony.com/doc/current/cookbook/security/form_login_setup.html

encoders:
    FOS\UserBundle\Model\UserInterface: bcrypt

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, role: ROLE_ADMIN }

0 Answers