[SecurityBundle] re-introduced parameters in the DIC for better overridability

src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

@@ -62,7 +62,7 @@ class SecurityExtension extends Extension
 
         // set some global scalars
         $container->setParameter('security.access.denied_url', $config['access_denied_url']);
-        $container->getDefinition('security.authentication.session_strategy')->replaceArgument(0, $config['session_fixation_strategy']);
+        $container->setParameter('security.authentication.session_strategy.strategy', $config['session_fixation_strategy']);
         $container
             ->getDefinition('security.access.decision_manager')
             ->addArgument($config['access_decision_manager']['strategy'])

src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml

@@ -58,7 +58,7 @@
         </service>
 
         <service id="security.authentication.session_strategy" class="%security.authentication.session_strategy.class%" public="false">
-            <argument /> <!-- Strategy -->
+            <argument>%security.authentication.session_strategy.strategy%</argument>
         </service>
 
         <service id="security.encoder_factory.generic" class="%security.encoder_factory.generic.class%" public="false">