diff --git a/src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php b/src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php
index 3b62c41253..5e6eba339b 100644
--- a/src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php
+++ b/src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php
@@ -46,6 +46,7 @@ class GuardAuthenticatorHandler
      */
     public function authenticateWithToken(TokenInterface $token, Request $request)
     {
+        $this->migrateSession($request);
         $this->tokenStorage->setToken($token);
 
         if (null !== $this->dispatcher) {
@@ -127,4 +128,16 @@ class GuardAuthenticatorHandler
             is_object($response) ? get_class($response) : gettype($response)
         ));
     }
+
+    private function migrateSession(Request $request)
+    {
+        if (!$request->hasSession() || !$request->hasPreviousSession()) {
+            return;
+        }
+
+        // Destroying the old session is broken in php 5.4.0 - 5.4.10
+        // See https://bugs.php.net/63379
+        $destroy = \PHP_VERSION_ID < 50400 || \PHP_VERSION_ID >= 50411;
+        $request->getSession()->migrate($destroy);
+    }
 }