New in Symfony 5.3: Guard Component Deprecation
Symfony 5.3 is backed by:
Warning: This post is about an unsupported Symfony version. Some of this information may be out of date. Read the most recent Symfony Docs.
In Symfony 5.1 we introduced a new security authentication system as an experimental feature. Twelve months after its introduction, and having been tested by many developers in real applications, we're confident enough to mark it as stable and recommend using it in all Symfony applications.
That's why we made the decision to deprecate the old authentication mechanism and also deprecate the Guard component in Symfony 5.3. This change came a bit late (during the Release Candidate phase) and some of you might be unaware of it.
The new authentication system changes the internals of Symfony security to make it more extensible and more understandable. It's mostly backwards compatible with the previous Guard-based system, with some important exceptions:
- Anonymous users no longer exist;
- If you use more than one authenticator, you must configure the authentication entry point;
- The authentication providers are refactored into Authenticators.
All this is explained in the new authentication system docs, which also explains how to create your own custom authenticator.
Thanks to these changes, we're finally happy with the Symfony security authentication system, and we hope to use it to implement many interesting new features in upcoming Symfony versions.
Comments are closed.
To ensure that comments stay relevant, they are closed for old posts.