symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/AnonymousTest.php
Copy file name to clipboard
+24Lines changed: 24 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/AnonymousTest.php
Copy file name to clipboard
+24Lines changed: 24 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AnonymousBundle/AppCustomAuthenticator.php
Copy file name to clipboard
+55Lines changed: 55 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AnonymousBundle/AppCustomAuthenticator.php
Copy file name to clipboard
+55Lines changed: 55 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Anonymous/bundles.php
Copy file name to clipboard
+15Lines changed: 15 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Anonymous/bundles.php
Copy file name to clipboard
+15Lines changed: 15 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Anonymous/config.yml
Copy file name to clipboard
+24Lines changed: 24 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Anonymous/config.yml
Copy file name to clipboard
+24Lines changed: 24 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Anonymous/routing.yml
Copy file name to clipboard
+5Lines changed: 5 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Anonymous/routing.yml
Copy file name to clipboard
+5Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Http/Firewall/AccessListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/AccessListener.php
+6-1Lines changed: 6 additions & 1 deletion b/‎src/Symfony/Component/Security/Http/Firewall/AccessListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/AccessListener.php
+6-1Lines changed: 6 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php
+2-1Lines changed: 2 additions & 1 deletion b/‎src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php
+2-1Lines changed: 2 additions & 1 deletion
@@ -0,0 +1,24 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Bundle\SecurityBundle\Tests\Functional;
+
+class AnonymousTest extends AbstractWebTestCase
+{
+    public function testAnonymous()
+    {
+        $client = $this->createClient(['test_case' => 'Anonymous', 'root_config' => 'config.yml']);
+
+        $client->request('GET', '/');
+
+        $this->assertSame(401, $client->getResponse()->getStatusCode());
+    }
+}
@@ -0,0 +1,55 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\AnonymousBundle;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\User\UserProviderInterface;
+use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
+
+class AppCustomAuthenticator extends AbstractGuardAuthenticator
+{
+    public function supports(Request $request)
+    {
+        return false;
+    }
+
+    public function getCredentials(Request $request)
+    {
+    }
+
+    public function getUser($credentials, UserProviderInterface $userProvider)
+    {
+    }
+
+    public function checkCredentials($credentials, UserInterface $user)
+    {
+    }
+
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
+    {
+    }
+
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
+    {
+    }
+
+    public function start(Request $request, AuthenticationException $authException = null)
+    {
+    }
+
+    public function supportsRememberMe()
+    {
+    }
+}
@@ -0,0 +1,15 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+return [
+    new Symfony\Bundle\FrameworkBundle\FrameworkBundle(),
+    new Symfony\Bundle\SecurityBundle\SecurityBundle(),
+];
@@ -0,0 +1,24 @@
+framework:
+    secret: test
+    router: { resource: "%kernel.project_dir%/%kernel.test_case%/routing.yml" }
+    validation: { enabled: true, enable_annotations: true }
+    csrf_protection: true
+    form: true
+    test: ~
+    default_locale: en
+    session:
+        storage_id: session.storage.mock_file
+    profiler: { only_exceptions: false }
+
+services:
+    Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\AnonymousBundle\AppCustomAuthenticator: ~
+
+security:
+    firewalls:
+        secure:
+            pattern: ^/
+            anonymous: false
+            stateless: true
+            guard:
+                authenticators:
+                    - Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\AnonymousBundle\AppCustomAuthenticator
@@ -0,0 +1,5 @@
+main:
+    path: /
+    defaults:
+        _controller: Symfony\Bundle\FrameworkBundle\Controller\RedirectController::urlRedirectAction
+        path: /app
@@ -18,6 +18,7 @@
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
 use Symfony\Component\Security\Http\AccessMapInterface;
+use Symfony\Component\Security\Http\Event\LazyResponseEvent;
 
 /**
  * AccessListener enforces access control rules.
@@ -51,6 +52,10 @@ public function __construct(TokenStorageInterface $tokenStorage, AccessDecisionM
      */
     public function __invoke(RequestEvent $event)
     {
+        if (!$event instanceof LazyResponseEvent && null === $token = $this->tokenStorage->getToken()) {
+            throw new AuthenticationCredentialsNotFoundException('A Token was not found in the TokenStorage.');
+        }
+
         $request = $event->getRequest();
 
         list($attributes) = $this->map->getPatterns($request);
@@ -59,7 +64,7 @@ public function __invoke(RequestEvent $event)
             return;
         }
 
-        if (null === $token = $this->tokenStorage->getToken()) {
+        if ($event instanceof LazyResponseEvent && null === $token = $this->tokenStorage->getToken()) {
             throw new AuthenticationCredentialsNotFoundException('A Token was not found in the TokenStorage.');
         }
 
 
@@ -18,6 +18,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
 use Symfony\Component\Security\Http\AccessMapInterface;
+use Symfony\Component\Security\Http\Event\LazyResponseEvent;
 use Symfony\Component\Security\Http\Firewall\AccessListener;
 
 class AccessListenerTest extends TestCase
@@ -219,7 +220,7 @@ public function testHandleWhenAccessMapReturnsEmptyAttributes()
             ->willReturn($request)
         ;
 
-        $listener($event);
+        $listener(new LazyResponseEvent($event));
     }
 
     public function testHandleWhenTheSecurityTokenStorageHasNoToken()