Member-only story

Symfony’s Security Key Concepts in 5 minutes

Let’s go over the obscure terms and concepts of this critical component

Alexandre Daubois
The SensioLabs Tech Blog
5 min readDec 21, 2021

Photo by JESUS ECA on Unsplash

Can I have 5 minutes of your time? That’s all I need to help you step up about Symfony 6 Security component. It’s sometimes hard to understand everything in here. Well, you don’t have to understand everything of course. But having the knowledge of the different parts and terms used will significantly help you understanding what you’re doing. Without waiting furthermore, let’s get into it.

User, password and roles

Everything begins with users. Symfony offers a UserInterface you can implement so your model is compatible with the security layer and match your exact needs. An user has an unique identifier to differentiate it from other users. This identifier can be anything you want: an integer, an email, an UUID. It’s up to you.

An user is also attached to one or multiple roles. These roles are used afterwards to make decisions on resources access. Roles can be organised hierarchically. This means if you have a role, you can inherit of other roles. For instance, a super admin user is likely to have all the defined roles in your application. Finally, a PasswordHasher is used to encrypt passwords.

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Or, continue in mobile web

Already have an account? Sign in

The SensioLabs Tech Blog
The SensioLabs Tech Blog

Published in The SensioLabs Tech Blog

SensioLabs is the creator of the Open-Source framework Symfony. SensioLabs supports companies using PHP and Symfony, with consultancy, expertise, services, training and support. Our team shares articles and opinions to start a conversation within the community.

Alexandre Daubois
Alexandre Daubois

Written by Alexandre Daubois

Lead Developer at Wanadev // Open-source contributor

No responses yet

What are your thoughts?