[Security] fixed automatic registration of the response listener when…

… creating the listener

This is not a problem with Symfony, but when using the component
standalone (Silex for instance), the context listener might be
instantiated even if the firewall does not need to be fired. In that
case, the handle() method is not called, but the response listener is
called, which means that en empty token is stored in the session.

For Silex, it means that when authenticated, if you visit a 404 page,
you would be disconnected automatically.

Http/Firewall/ContextListener.php

@@ -37,6 +37,7 @@ class ContextListener implements ListenerInterface
     private $contextKey;
     private $logger;
     private $userProviders;
+    private $dispatcher;
 
     public function __construct(SecurityContextInterface $context, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
     {
@@ -54,10 +55,7 @@ public function __construct(SecurityContextInterface $context, array $userProvid
         $this->userProviders = $userProviders;
         $this->contextKey = $contextKey;
         $this->logger = $logger;
-
-        if (null !== $dispatcher) {
-            $dispatcher->addListener(KernelEvents::RESPONSE, array($this, 'onKernelResponse'));
-        }
+        $this->dispatcher = $dispatcher;
     }
 
     /**
@@ -67,6 +65,10 @@ public function __construct(SecurityContextInterface $context, array $userProvid
      */
     public function handle(GetResponseEvent $event)
     {
+        if (null !== $this->dispatcher && HttpKernelInterface::MASTER_REQUEST === $event->getRequestType()) {
+            $this->dispatcher->addListener(KernelEvents::RESPONSE, array($this, 'onKernelResponse'));
+        }
+
         $request = $event->getRequest();
 
         $session = $request->hasPreviousSession() ? $request->getSession() : null;