Symfony News

New in Symfony 5.3: Guard Component Deprecation

Robin Chalas

Contributed by
Robin Chalas
in #41247.

In Symfony 5.1 we introduced a new security authentication system as an experimental feature. Twelve months after its introduction, and having been tested by many developers in real applications, we’re confident enough to mark it as stable and recommend using it in all Symfony applications.

That’s why we made the decision to deprecate the old authentication mechanism and also deprecate the Guard component in Symfony 5.3. This change came a bit late (during the Release Candidate phase) and some of you might be unaware of it.

The new authentication system changes the internals of Symfony security to make it more extensible and more understandable. It’s mostly backwards compatible with the previous Guard-based system, with some important exceptions:

  • Anonymous users no longer exist;
  • If you use more than one authenticator, you must configure the authentication entry point;
  • The authentication providers are refactored into Authenticators.

All this is explained in the new authentication system docs, which also explains how to create your own custom authenticator.

Thanks to these changes, we’re finally happy with the Symfony security authentication system, and we hope to use it to implement many interesting new features in upcoming Symfony versions.

Sponsor the Symfony project.

About us

What a Symfony developer should know about the framework: News, Jobs, Tweets, Events, Videos,...

Find us on Twitter

Find us on Facebook