[Security] Symfony 6.x IsGranted attribute ignored at the controller class level

### Symfony version(s) affected

6.x

### Description

The attribute `IsGranted` is ignored / not working when it is defined at the controller class level and when the controller service is lazy

Symfony doc about the feature at controller class level : https://symfony.com/doc/current/security.html#security-securing-controller-attributes

NB: at controller action level it works, this only happen when configured at the class level

### How to reproduce

In this example, the attribute IsGranted doesn't deny the access to any user

```php
use Symfony\Component\Security\Http\Attribute\IsGranted;

#[IsGranted('ROLE_ADMIN')]
class AdminController extends AbstractController
{
    public function adminDashboard(): Response
    {
        ...
    }
}
```

```yaml
    App\Controller\:
        resource: '../src/Controller/'
        lazy: true
```

### Possible Solution

_No response_

### Additional Context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

[Security] Symfony 6.x IsGranted attribute ignored at the controller class level #54542

Symfony version(s) affected

Description

How to reproduce

Possible Solution

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

[Security] Symfony 6.x IsGranted attribute ignored at the controller class level #54542

Description

Symfony version(s) affected

Description

How to reproduce

Possible Solution

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions