[Security] changed order of checks to check for more specific things first

2011-07-13 18:36:17 +02:00 · 2011-07-13 18:36:17 +02:00 · 29e4063825
commit 29e4063825
parent 4259530856
1 changed files with 8 additions and 8 deletions
--- a/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
@ -126,19 +126,19 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
            return;
        }

+        if (!$request->hasSession()) {
+            throw new \RuntimeException('This authentication method requires a session.');
+        }
+
        try {
-            if (null === $returnValue = $this->attemptAuthentication($request)) {
-                return;
-            }
-
-            if (!$request->hasSession()) {
-                throw new \RuntimeException('This authentication method requires a session.');
-            }
-
            if (!$request->hasPreviousSession()) {
                throw new SessionUnavailableException('Your session has timed-out, or you have disabled cookies.');
            }

+            if (null === $returnValue = $this->attemptAuthentication($request)) {
+                return;
+            }
+
            if ($returnValue instanceof TokenInterface) {
                $this->sessionStrategy->onAuthentication($request, $returnValue);