diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
index 9da2d3b8a5..e4fa9008dd 100644
--- a/src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
@@ -42,6 +42,7 @@ class="Symfony\Component\Security\Core\Authentication\Authenticator\AnonymousAuthenticator" abstract="true">
+
diff --git a/src/Symfony/Component/Security/Core/Authentication/Authenticator/AnonymousAuthenticator.php b/src/Symfony/Component/Security/Core/Authentication/Authenticator/AnonymousAuthenticator.php
index 78c80800aa..227981c696 100644
--- a/src/Symfony/Component/Security/Core/Authentication/Authenticator/AnonymousAuthenticator.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Authenticator/AnonymousAuthenticator.php
@@ -14,6 +14,7 @@ namespace Symfony\Component\Security\Core\Authentication\Authenticator;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\User\User;
@@ -25,15 +26,18 @@ use Symfony\Component\Security\Core\User\UserInterface;
 class AnonymousAuthenticator implements AuthenticatorInterface
 {
 private $secret;
+ private $tokenStorage;
- public function __construct(string $secret)
+ public function __construct(string $secret, TokenStorageInterface $tokenStorage)
 {
 $this->secret = $secret;
+ $this->tokenStorage = $tokenStorage;
 }
 public function supports(Request $request): ?bool
 {
- return true;
+ // do not overwrite already stored tokens (i.e. from the session)
+ return null === $this->tokenStorage->getToken();
 }
 public function getCredentials(Request $request)
diff --git a/src/Symfony/Component/Security/Core/Authentication/GuardAuthenticationManager.php b/src/Symfony/Component/Security/Core/Authentication/GuardAuthenticationManager.php
index 68b542af97..a836353b61 100644
--- a/src/Symfony/Component/Security/Core/Authentication/GuardAuthenticationManager.php
+++ b/src/Symfony/Component/Security/Core/Authentication/GuardAuthenticationManager.php
@@ -86,12 +86,14 @@ class GuardAuthenticationManager implements AuthenticationManagerInterface
 $this->handleFailure($exception, $token);
 }
- if (true === $this->eraseCredentials) {
- $result->eraseCredentials();
- }
+ if (null !== $result) {
+ if (true === $this->eraseCredentials) {
+ $result->eraseCredentials();
+ }
- if (null !== $this->eventDispatcher) {
- $this->eventDispatcher->dispatch(new AuthenticationSuccessEvent($result), AuthenticationEvents::AUTHENTICATION_SUCCESS);
+ if (null !== $this->eventDispatcher) {
+ $this->eventDispatcher->dispatch(new AuthenticationSuccessEvent($result), AuthenticationEvents::AUTHENTICATION_SUCCESS);
+ }
 }
 return $result;
diff --git a/src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticatorListenerTrait.php b/src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticatorListenerTrait.php
index 245f02c906..ac1cb8200c 100644
--- a/src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticatorListenerTrait.php
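Review bot: `supports()` in AnonymousAuthenticator now stands down for any non-null token in the storage, and the visible lines check neither whether that token is still authenticated nor which firewall it came from. If a stale or unauthenticated token can be left in the storage, the request would proceed with it instead of a fresh anonymous token, so the intended precondition should be written down. I would replace the inline comment with something like `// Skip when a token is already in the storage (e.g. restored from the session); assumes the session token is loaded and validated before authenticators run.` and add a short docblock on `supports()` stating that its result depends on token-storage state, not on the request. The constructor also gains a required second argument, so any code instantiating the class directly needs updating.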
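Review bot: With the `null !== $result` guard, GuardAuthenticationManager's authenticate path can now reach `return $result;` holding null, having dispatched no success event and (as far as the hunk shows) raised no failure. A caller that treats the return value as an authenticated token would dereference null, and a request that ends without a token leaves no event for audit logging. The method starts outside the hunk, so how `$result` stays null is inferred. I would document the new contract on the method with `@return TokenInterface|null null when no authenticator produced a token` and check that every caller handles the null case explicitly.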
+++ b/src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticatorListenerTrait.php
@@ -150,6 +150,11 @@ trait GuardAuthenticatorListenerTrait
 throw new \UnexpectedValueException('Invalid guard authenticator passed to '.__METHOD__.'. Expected AuthenticatorInterface of either Security Core or Security Guard.');
 }
+ // @todo implement remember me functionality
+ if (!isset($this->rememberMeServices)) {
+ return;
+ }
+
 if (null === $this->rememberMeServices) {
 if (null !== $this->logger) {
 $this->logger->debug('Remember me skipped: it is not configured for the firewall.', ['authenticator' => \get_class($guardAuthenticator)]);
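Review bot: The added `!isset($this->rememberMeServices)` guard is also true when the property exists but is null, so the `null === $this->rememberMeServices` branch right below it, with its "Remember me skipped" debug log, can no longer be reached. Remember-me is then skipped silently on firewalls where it is simply not configured, which removes a log line operators may rely on when diagnosing authentication behaviour. If the intent is only to cover users of the trait that do not declare the property, `if (!property_exists($this, 'rememberMeServices')) { return; }` keeps the existing null branch and its logging intact. The enclosing method starts and ends outside the hunk.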