The @Security
annotation was added to SensioFrameworkExtraBundle
in version 2.4
of the bundle !
That means it does NOT work with a Symfony version < 2.4 because this version of the bundle requires the ExpressionLanguage
component that was added in Symfony 2.4 to work.
Have a look at the bundle's composer.json.
Further the @Security
annotation only works for controller classes because the check is performed in a subscriber that listens for the kernel.controller
event.
The JMSSecurityExtraBundle
can be configured to work with all defined services (not just controller classes). Further it ...
- works with symfony versions < 2.4
- provides slightly more features (i.e. the
is_expr_granted
twig function for symfony versions < 2.4) - is less performant (due to it's architecture)
- uses a different license (Apache instead of MIT)
Hope that clarifies it a bit.