In Symfony 5.1 we introduced a new security authentication system as an experimental feature. Twelve months after its introduction, and having been tested by many developers in real applications, we're confident enough to mark it as stable and recommend using it in all Symfony applications.
That's why we made the decision to deprecate the old authentication mechanism and also deprecate the Guard component in Symfony 5.3. This change came a bit late (during the Release Candidate phase) and some of you might be unaware of it.
The new authentication system changes the internals of Symfony security to make it more extensible and more understandable. It's mostly backwards compatible with the previous Guard-based system, with some important exceptions:
- Anonymous users no longer exist;
- If you use more than one authenticator, you must configure the authentication entry point;
- The authentication providers are refactored into Authenticators.
All this is explained in the new authentication system docs, which also explains how to create your own custom authenticator.
Thanks to these changes, we're finally happy with the Symfony security authentication system, and we hope to use it to implement many interesting new features in upcoming Symfony versions.
The security system is now more understandable ! The only problem i encountered was with an external bundle (Sensio Security annotation with anonymous user).
So Ryan will have to create newer version of "Symfony Security: Beautiful Authentication, Powerful Authorization" tutorial :)