Outline of how it’s involved in Symfony2:
- AppKernel -> handle is called ( look app.php )
- FrameworkBundle :: HttpKernel’s -> handle is called
- Component :: HttpKernel’s handle is called. Which then calls handleRaw
- The HttpKernel dispatches an kernel.request event.
- The event is captured by a Firewall previously set as a listener by the SecurityBundle’s security.xml
- The onKernelRequest method of this Firewall is called.
- The firewall loops trough all the AuthenticationListeners which where set here ( lines 213 to 225 ) as part of the Firewall and call it’s handle method.
- If a security violation is detected ( the authentication listeners will throw this exceptions ), a kernel.exception is detected by an ExceptionListener previosuly set in security_listeners.xml and registered in the Firewall at the time of the Request.