New in Symfony 3.4: Improved security listeners

Contributed by
Robin Chalas
in #23114 and #23105.

In Symfony applications, security listeners are used by firewalls to handle the security mechanisms configured, such as the Remember Me feature or the User Impersonation feature.

Some of these listeners are quite complex and require lots of dependencies (for example, the User Impersonation listener has nine constructor arguments). The main firewall listener iterates through all the configured listeners until one of them returns a Response object. In practice this means that most listeners are never executed even if they have been initialized.

In Symfony 3.4 we improved the security listeners to be lazy loaded. This means that only the executed listeners are initialized, slightly improving the overall performance. This improvement is automatically applied when you upgrade to Symfony 3.4, so you don't have to make any change in your application.

Security Listeners in the Profiler

In Symfony 3.1 we improved the security panel in the profiler to show you the configured voters and the full log of the Access Decision Manager. In Symfony 3.4, we improved that panel again to show more information about the listeners:

The new panel displays all the executed security listeners, the time it took to execute each of them and the values returned.

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.


Optimization is always good news :D

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.