Security component from Symfony 2.0 as standalone

The SecurityServiceProvider for Silex might be a good place to start, as it integrates all of the essential component services in a single file. Although large, you'll probably find it much easier to digest than Symfony2's SecurityBundle.

In the interest of maintaining your sanity, you should consider using a service container to organize all of these objects. In the aforementioned provider class, the Silex Application class is a Pimple instance, so you should be able to port it stand-alone Pimple with modest effort. I saw this because integrating a Pimple service container into your application should be less invasive than adopting the Silex framework.

Once you have the essential security component classes working, you should be able to following along with the ACL documentation and add additional services to your container as needed. At that point, the ACL-specific sections of the SecurityBundle might prove helpful, as you can focus in on the relevant bits. Keep in mind that there are multiple cookbook entries for ACL in the documentation.

What class to include first?

You will most likely need to include at least parts if not all of the security core, then which ever ACL implementation that you are wanting to use. You can look at the dependencies that are listed in the beginning of the ACL implementation and see what they extend. For instance, the ACL/DBAL has the following dependencies called in the header:

namespace Symfony\Component\Security\Acl\Dbal;use Doctrine\DBAL\Driver\Connection;use Doctrine\DBAL\Driver\Statement;use Symfony\Component\Security\Acl\Model\AclInterface;use Symfony\Component\Security\Acl\Domain\Acl;use Symfony\Component\Security\Acl\Domain\Entry;use Symfony\Component\Security\Acl\Domain\FieldEntry;use Symfony\Component\Security\Acl\Domain\ObjectIdentity;use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;use Symfony\Component\Security\Acl\Exception\AclNotFoundException;use Symfony\Component\Security\Acl\Exception\NotAllAclsFoundException;use Symfony\Component\Security\Acl\Model\AclCacheInterface;use Symfony\Component\Security\Acl\Model\AclProviderInterface;use Symfony\Component\Security\Acl\Model\ObjectIdentityInterface;use Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface;

But you would probably need to check each of those listed for their dependencies, and load those as well.

I would back-track through the dependencies, and keep track of what needs what. Cull those classes out into a separate location so that you have only what you need, and use some error trapping to determine that you have it all.

Which object to instance?

Your ACL. If the dependencies are all determined, and loaded, then you should be able to instantiate the ACL class object.

Is it possible to be used without models and controllers?

To be honest, I am not sure that using ACL outside of S2 is possible without a WHOLE lot of work, but if you can get it instantiated with everything it needs, then you should be able to use the object without an MVC model.

Unfortunately, from what I understand of S2, it is a full stack framework, and meant to be an all or nothing kind of thing. but if I were going to try and make it work, this would be the way I would go about it.

If u want to understand how to use use symfony2 component and how to integrate that within your project then read Fabien Potencier blog 'create your own framework' post that will definitely help u to understand core of framework from and how to bootstrap symfony2 component in your project

there is also good document for ACL on symfony website