[Security] changed order of checks to check for more specific things …

…first
symfony · Jul 13, 2011 · 29e4063 · 29e4063
1 parent 4259530
commit 29e4063
Showing 1 changed file with 8 additions and 8 deletions.
diff --git a/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
@@ -126,19 +126,19 @@ public final function handle(GetResponseEvent $event)
             return;
         }
 
-        try {
-            if (null === $returnValue = $this->attemptAuthentication($request)) {
-                return;
-            }
-
-            if (!$request->hasSession()) {
-                throw new \RuntimeException('This authentication method requires a session.');
-            }
+        if (!$request->hasSession()) {
+            throw new \RuntimeException('This authentication method requires a session.');
+        }
 
+        try {
             if (!$request->hasPreviousSession()) {
                 throw new SessionUnavailableException('Your session has timed-out, or you have disabled cookies.');
             }
 
+            if (null === $returnValue = $this->attemptAuthentication($request)) {
+                return;
+            }
+
             if ($returnValue instanceof TokenInterface) {
                 $this->sessionStrategy->onAuthentication($request, $returnValue);