Authenticator Based Security
Note: This feature is available since v10.5
As Pimcore uses the Symfony Security Component for authentication/authorization of Admin interface and also provides the capabilities to use the same security component on frontend websites. It is important to adapt the ongoing changes in Symfony security component.
As starting with Symfony 5.3, a new Authenticator based security is introduced and old authentication system is deprecated. It is highly recommended to migrate to new Authentication system.
By default, Pimcore uses old authentication system for backward compatibility reasons. To use new authenticator, add symfony config:
security: enable_authenticator_manager: true
security.yaml to adapt new changes. See demo changes here
Points to consider when moving to new Authenticator:
- New authentication system works with
Password Hasher Factoryinstead of
BruteforceProtectionHandlerwill be replaced with
Custom Guard Authenticatorwill be replaced with
- Anonymous user no longer exist.
For more information on new Authenticator Based Security, please read the Symfony Security Component documentation.