New in Symfony 2.5: Create the Correct Denied HTTP Exception
Do you know the difference between
Their names look very similar and both deal with resources for which the user
does not have access. But which one should you use in a controller? This is
probably counter-intuitive, but you should use
Symfony\Component\Security\Core\Exception\AccessDeniedException. And when
using an IDE, you might import the wrong exception pretty easily. As this is a
frequent mistake, we even added a rule about this on SensioLabsInsight (and this violation is triggered quite
As of 2.5, you can now rely on a helper method that does the right thing (if
you are using the
throw $this->createAccessDeniedException('You cannot access this page!');
By the way,
is the exception class you want to use because it is automatically caught by
the Symfony Security Firewall, which generates the correct response for the
Comments are closed.
To ensure that comments stay relevant, they are closed for old posts.