4 files changed, 21 insertions, 10 deletions

diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php
index 6fb77e9..5f94e43 100644
--- a/Http/Firewall/ContextListener.php
+++ b/Http/Firewall/ContextListener.php
@@ -93,19 +93,19 @@ class ContextListener implements ListenerInterface
             return;
         }
 
-        if (null === $token = $this->context->getToken()) {
-            return;
+        if (null !== $this->logger) {
+            $this->logger->debug('Write SecurityContext in the session');
         }
 
-        if (null === $token || $token instanceof AnonymousToken) {
+        if (null === $session = $event->getRequest()->getSession()) {
             return;
         }
 
-        if (null !== $this->logger) {
-            $this->logger->debug('Write SecurityContext in the session');
+        if ((null === $token = $this->context->getToken()) || ($token instanceof AnonymousToken)) {
+            $session->remove('_security_'.$this->contextKey);
+        } else {
+            $session->set('_security_'.$this->contextKey, serialize($token));
         }
-
-        $event->getRequest()->getSession()->set('_security_'.$this->contextKey, serialize($token));
     }
 
     /**
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
index a36baf3..62f48cf 100644
--- a/Http/Firewall/ExceptionListener.php
+++ b/Http/Firewall/ExceptionListener.php
@@ -15,7 +15,9 @@ use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface;
 use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
+use Symfony\Component\Security\Core\Exception\AccountStatusException;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException;
@@ -158,6 +160,11 @@ class ExceptionListener
 
         $this->setTargetPath($request);
 
+        if ($authException instanceof AccountStatusException) {
+            // remove the security token to prevent infinite redirect loops
+            $this->context->setToken(null);
+        }
+
         return $this->authenticationEntryPoint->start($request, $authException);
     }
 
diff --git a/Http/HttpUtils.php b/Http/HttpUtils.php
index c11b283..b31fcf5 100644
--- a/Http/HttpUtils.php
+++ b/Http/HttpUtils.php
@@ -16,6 +16,8 @@ use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\Routing\RouterInterface;
+use Symfony\Component\Routing\Exception\MethodNotAllowedException;
+use Symfony\Component\Routing\Exception\ResourceNotFoundException;
 
 /**
  * Encapsulates the logic needed to create sub-requests, redirect the user, and match URLs.
@@ -97,7 +99,7 @@ class HttpUtils
      * Checks that a given path matches the Request.
      *
      * @param Request $request A Request instance
-     * @param string  $path    A path (an absolute path (/foo), an absolute URL (http://...), or a route name (foo))
+     * @param string  $path    A path (an absolute path (/foo) or a route name (foo))
      *
      * @return Boolean true if the path is the same as the one from the Request, false otherwise
      */
@@ -108,7 +110,9 @@ class HttpUtils
                 $parameters = $this->router->match($request->getPathInfo());
 
                 return $path === $parameters['_route'];
-            } catch (\Exception $e) {
+            } catch (MethodNotAllowedException $e) {
+                return false;
+            } catch (ResourceNotFoundException $e) {
                 return false;
             }
         }
diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php
index e75cf63..556fb6a 100644
--- a/Http/RememberMe/AbstractRememberMeServices.php
+++ b/Http/RememberMe/AbstractRememberMeServices.php
@@ -173,7 +173,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
     {
         if (!$token->getUser() instanceof UserInterface) {
             if (null !== $this->logger) {
-                $this->logger->debug('Remember-me ignores token since it does not contain an UserInterface implementation.');
+                $this->logger->debug('Remember-me ignores token since it does not contain a UserInterface implementation.');
             }
 
             return;