Symfony2: Custom Authentication Provider

Source: How to create a custom Authentication Provider

Regarding Security, in Symfony you have 2 providers. One is an Authentication provider and the other is an UserProvider.

  • An authentication provider is used to extract information from a request to be used  to identify the user.
  • An user provider is used to check if the user found by the authentication provider exists on our pool of users.
So basically, the authentication provider finds information about an user on the Request and creates a TOKEN with that information. This token contains the credentials of the users. With that token, the security bundle tries to find a user using the available user Provider and tries to see if it finds one that has/match the currently found user Token. If nothing is found, an error is thrown telling so.
Easy to understand example ( AP = Authentication provider. UP = User Provider ):
AP:  -Hey UP, i think i found an user on the request, take a look at this token-
UP:  -let me see… Mmhh.. yeah, i found one, your token is valid!-
AP: -Ok, thanks. Hey Symfony Security layer, this token is valid!-