The Symfony project has a section called sfGuardPlugin Extra Documentation.
It’s worth a read, especially the part about using the sfGuardUserProfile calls.
The docs haven’t been updated since March, so if something isn’t working, please refer to my previous blog post on installing the sfGuardPlugin.
I’d like to state that personally, there isn’t really the right way to do this. Sometimes you already have a table that has a username and password. You can skip using the sfGuardAuth password tables by doing the following:
sf_guard_plugin: algorithm_callable: md5 success_signin_url: @homepage profile_class: sfGuardUserProfile profile_field_name: account_id check_password_callable: [Account, checkPassword]
The important line here is check_password_callable, where you are telling symfony to use the Account table and to use your own checkPassword method.