Symfony 1.2 new RESTful routing system should allow "lazy" calling of sfObjectRoute loading method, eg. to allow hooking in the security checks: maybe we don't want to load object(s) if the user is not allowed to (currently, the routing procedures are ran before the security rules are applied).
- sfObjectRoute route is matched regarding the incoming url,
- An event is dispatched here (named route.object_requested?), then:
- if callback return false, HTTP 403 (defaut secure action), else:
- if true, really execute the query and retrieve the resource
This could ensure a kind of REST authentication handling. Of course caching could solve the problem but we don't always use it for every project.