Security is a huge topic and a source of endless debate. This chapter showed you how to craft authentication and authorization mechanisms in Symfony, but it's important to understand that security does not stop there. Depending on the level of security required by your application, you should always do your research on how to best make it safe for you and your users.

Although creating your own authentication method is a bit complex in Symfony, it's done in a way that is highly modular and customizable. For that reason, most authentication schemes you might encounter will already have an existing third-party bundle that you could use, relieving you of the implementation effort.

We also saw how roles, ACLs, and voters can be used independently or together to give various authorizations to different users. Roles, combined with voters, allow for a powerful and expressive way to control access.

In the next chapter, we will take a break from Symfony to talk about Doctrine. Doctrine is not...