The Symfony Security Component provides a two-layer security system: first it authenticates a user, then is authorizes him for the current request. Authentication means "identify yourself". Authorization means: "let's see if you have the right to be here". The deciding authority in this case will be the AccessDecisionManager. It has a number of voters (which you may create yourself too). Each vote