SensioFrameworkExtraBundle vs JMSSecurityExtraBundle [closed]

Question

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.

Closed 8 years ago.

Improve this question

I was trying to evaluate the best among JMSSecurityExtraBundle and SensioFrameworkExtraBundle. First is a popular security bundle and the other listed in symfony2 website.

While both provide the annotations to secure the methods of a controller via @Secure in JMS and @Security in Sensio, JMS security bundle provides more security options See here

I would like to ask the community which is the best bundle for Symfony 2.4

Answer 1

The @Security annotation was added to SensioFrameworkExtraBundle in version 2.4 of the bundle !

That means it does NOT work with a Symfony version < 2.4 because this version of the bundle requires the ExpressionLanguage component that was added in Symfony 2.4 to work.

Have a look at the bundle's composer.json.

Further the @Security annotation only works for controller classes because the check is performed in a subscriber that listens for the kernel.controller event.

The JMSSecurityExtraBundle can be configured to work with all defined services (not just controller classes). Further it ...

• works with symfony versions < 2.4
• provides slightly more features (i.e. the is_expr_granted twig function for symfony versions < 2.4)
• is less performant (due to it's architecture)
• uses a different license (Apache instead of MIT)

Hope that clarifies it a bit.