diff --git a/guides/map.rst.inc b/guides/map.rst.inc
index 366b04edf46..e6879a6938e 100644
--- a/guides/map.rst.inc
+++ b/guides/map.rst.inc
@@ -1,7 +1,7 @@
 * **Templating**:
 
-  * `Twig`_ | 
-  * :doc:`PHP </guides/templating/PHP>` | 
+  * `Twig`_ |
+  * :doc:`PHP </guides/templating/PHP>` |
   * :doc:`Recipes </guides/templating/recipes>`
 
 * **Doctrine**:
@@ -13,31 +13,32 @@
 
 * **Testing**:
 
-  * :doc:`Overview </guides/testing/overview>` | 
-  * :doc:`Configuration </guides/testing/configuration>` | 
-  * :doc:`Crawler </guides/testing/crawler>` | 
-  * :doc:`Client </guides/testing/client>` | 
+  * :doc:`Overview </guides/testing/overview>` |
+  * :doc:`Configuration </guides/testing/configuration>` |
+  * :doc:`Crawler </guides/testing/crawler>` |
+  * :doc:`Client </guides/testing/client>` |
   * :doc:`Recipes </guides/testing/recipes>`
 
 * **Validation**:
 
-  * :doc:`Overview </guides/validator/overview>` | 
-  * :doc:`Validation </guides/validator/validation>` | 
+  * :doc:`Overview </guides/validator/overview>` |
+  * :doc:`Validation </guides/validator/validation>` |
   * :doc:`/guides/validator/constraints`
 
 * **Forms**:
 
-  * :doc:`Overview </guides/forms/overview>` | 
+  * :doc:`Overview </guides/forms/overview>` |
   * :doc:`Templates </guides/forms/view>`
 
 * **Security**:
 
-  * :doc:`Overview </guides/security/overview>` | 
-  * :doc:`/guides/security/users` | 
-  * :doc:`/guides/security/authentication` | 
-  * :doc:`/guides/security/authorization` | 
-  * :doc:`ACLs </guides/security/acl>` | 
-  * :doc:`Advanced ACLs </guides/security/acl_advanced>`
+  * :doc:`Overview </guides/security/overview>` |
+  * :doc:`/guides/security/users` |
+  * :doc:`/guides/security/authentication` |
+  * :doc:`/guides/security/authorization` |
+  * :doc:`ACLs </guides/security/acl>` |
+  * :doc:`Advanced ACLs </guides/security/acl_advanced>` |
+  * :doc:`Configuration Reference </guides/security/config_reference>`
 
 * **Cache**:
 
@@ -47,19 +48,19 @@
 * :doc:`/guides/translation`
 * **Event Dispatcher**:
 
-  * :doc:`Overview </guides/event/overview>` | 
+  * :doc:`Overview </guides/event/overview>` |
   * :doc:`Recipes </guides/event/recipes>`
 
 * **Tools**:
 
-  * :doc:`/guides/tools/autoloader` | 
-  * :doc:`Finder </guides/tools/finder>` | 
-  * :doc:`/guides/tools/YAML` | 
+  * :doc:`/guides/tools/autoloader` |
+  * :doc:`Finder </guides/tools/finder>` |
+  * :doc:`/guides/tools/YAML` |
   * :doc:`Process </guides/tools/process>`
 
 * **Bundles**:
 
-  * :doc:`Best Practices </guides/bundles/best_practices>` | 
+  * :doc:`Best Practices </guides/bundles/best_practices>` |
   * :doc:`Configuration </guides/bundles/configuration>`
 
 * **Dependency Injection**:
@@ -68,8 +69,8 @@
 
 * **Internals**:
 
-  * :doc:`Overview </guides/internals/overview>` | 
-  * :doc:`Kernel </guides/internals/kernel>` | 
+  * :doc:`Overview </guides/internals/overview>` |
+  * :doc:`Kernel </guides/internals/kernel>` |
   * :doc:`Profiler </guides/internals/profiler>`
 
 * :doc:`Symfony2 for symfony 1 users</guides/symfony1>`
diff --git a/guides/security/config_reference.rst b/guides/security/config_reference.rst
new file mode 100644
index 00000000000..ffe8c8d7db0
--- /dev/null
+++ b/guides/security/config_reference.rst
@@ -0,0 +1,97 @@
+.. index::
+   single: Security; Configuration Reference
+   
+Configuration Reference
+=======================
+
+.. configuration-block::
+
+    .. code-block:: yaml
+        
+        # app/config/security.yml
+        security.config:
+            access_denied_url: /foo/error403
+        
+            # strategy can be: none, migrate, invalidate
+            session_fixation_strategy: migrate
+        
+            encoders:
+                MyBundle/Entity/MyUser: sha512
+                MyBundle/Entity/MyUser: plaintext
+                MyBundle/Entity/MyUser:
+                    algorithm: sha512
+                    encode_as_base64: true
+                    iterations: 5
+                MyBundle/Entity/MyUser:
+                    service: my.custom.encoder.service.id
+                    
+            providers:
+                memory:
+                    users:
+                        foo: { password: foo, roles: ROLE_USER }
+                        bar: { password: bar, roles: [ROLE_USER, ROLE_ADMIN] }
+                entity:
+                    entity: { class: SecurityBundle:User, property: username }
+                
+            firewalls:
+                somename:
+                    pattern: .*
+                    request_matcher: some.service.id
+                    access_denied_url: /foo/error403
+                    access_denied_handler: some.service.id
+                    entry_point: some.service.id
+                    provider: name
+                    context: name
+                    x509:
+                        provider: name
+                    http_basic:
+                        provider: name
+                    http_digest:
+                        provider: name
+                    form_login:
+                        check_path: /login_check
+                        login_path: /login
+                        use_forward: true
+                        always_use_default_target_path: false
+                        default_target_path: /
+                        target_path_parameter: _target_path
+                        use_referer: false
+                        failure_path: /foo
+                        failure_forward: false
+                        failure_handler: some.service.id
+                        success_handler: some.service.id
+                        username_parameter: _username
+                        password_parameter: _password
+                        post_only: true
+                        remember_me: false
+                    remember_me:
+                        token_provider: name
+                        key: someS3cretKey
+                        name: NameOfTheCookie
+                        lifetime: 3600 # in seconds
+                        path: /foo
+                        domain: somedomain.foo
+                        secure: true
+                        httponly: true
+                        always_remember_me: false
+                        remember_me_parameter: _remember_me
+                    logout:
+                        invalidate_session: false
+                        cookies: [a, b, c]
+                    anonymous: ~
+                    
+            access_control:
+                -
+                    path: /foo
+                    host: mydomain.foo
+                    ip: 192.0.0.0/8
+                    attributes:
+                        _controller: SomeController
+                    roles: [ROLE_A, ROLE_B]
+                    requires_channel: https
+                    
+            role_hierarchy:
+                ROLE_SUPERADMIN: [ROLE_ADMIN, ROLE_USER]
+                ROLE_FOO:        [ROLE_USER]
+                    
+
diff --git a/guides/security/index.rst b/guides/security/index.rst
index 82806221daf..118568cf7a8 100644
--- a/guides/security/index.rst
+++ b/guides/security/index.rst
@@ -10,3 +10,4 @@ Security
    authorization
    acl
    acl_advanced
+   config_reference