Some of these listeners are quite complex and require lots of dependencies
(for example, the User Impersonation listener has nine constructor arguments).
The main firewall listener iterates through all the configured listeners until
one of them returns a
Response object. In practice this means that most
listeners are never executed even if they have been initialized.
In Symfony 3.4 we improved the security listeners to be lazy loaded. This means that only the executed listeners are initialized, slightly improving the overall performance. This improvement is automatically applied when you upgrade to Symfony 3.4, so you don't have to make any change in your application.
In Symfony 3.1 we improved the security panel in the profiler to show you the configured voters and the full log of the Access Decision Manager. In Symfony 3.4, we improved that panel again to show more information about the listeners:
The new panel displays all the executed security listeners, the time it took to execute each of them and the values returned.
What a Symfony developer should know about the framework: News, Jobs, Tweets, Events, Videos,...