This indirectly fixes two bugs in Silex regarding Security and Twig.

The first is iftwig is loaded beforeboot() some services/parameters are not defined.

• twig asks forsecurity.authorization_checker
• security.authorization_checker asks forsecurity.authentication_manager
• security.authentication_manager asks forsecurity.authentication_providers
• security.authentication_providers are not completely defined untilsecurity.firewall_map is loaded (here).

I fixed this locally by wrapping thesecurity.authorization_checker service and loading thesecurity.firewall_map before hand:

// Load firewall map before this, because it defines a dependency needed.$factory =$app->raw('security.authorization_checker');$app['security.authorization_checker'] =function ($app)use ($factory) {$app['security.firewall_map'];return$factory($app);};

This technically fixed the problem, but it wouldn't be needed if the service wasn't loaded untilboot() where the firewall is loaded by default.

The second problem is a circular dependency. I was implementing an AccessDeniedHandler that rendered a template.

• security.firewall_map asks for AccessDeniedHandler service
• AccessDeniedHandler service asks fortwig
• twig asks forsecurity.firewall_map ....:boom:

And again this wouldn't be a problem iftwig didn't need theSecurityRuntime until it'sis_granted is called.

I don't see this as afeature since it only modifies private services. And Ido see this as abugfix even though it's for Silex and not Symfony. But I know it's a gray area. Twig Runtimes seem to be the way we are heading so I don't think this is a step in the wrong direction either.

I have a PR ready for Silex depending on the direction of this issue. Here's thediff.