symfony
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Provider/SimpleAuthenticationProvider.php
Lines changed: 5 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Authentication/Provider/SimpleAuthenticationProvider.php
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Provider/SimpleAuthenticationProviderTest.php
Lines changed: 12 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Provider/SimpleAuthenticationProviderTest.php
Lines changed: 12 additions & 0 deletions
@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Core\Authentication\Provider;
 
+use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\User\UserChecker;
 use Symfony\Component\Security\Core\User\UserCheckerInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
@@ -44,6 +45,10 @@ public function authenticate(TokenInterface $token)
             throw new AuthenticationException('Simple authenticator failed to return an authenticated token.');
         }
 
+        if ($authToken instanceof AnonymousToken) {
+            return $authToken;
+        }
+
         $user = $authToken->getUser();
         $this->userChecker->checkPreAuth($user);
         $this->userChecker->checkPostAuth($user);
 
@@ -12,9 +12,11 @@
 namespace Symfony\Component\Security\Core\Tests\Authentication\Provider;
 
 use PHPUnit\Framework\TestCase;
+use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Exception\DisabledException;
 use Symfony\Component\Security\Core\Authentication\Provider\SimpleAuthenticationProvider;
 use Symfony\Component\Security\Core\Exception\LockedException;
+use Symfony\Component\Security\Core\User\UserChecker;
 
 class SimpleAuthenticationProviderTest extends TestCase
 {
@@ -72,6 +74,16 @@ public function testAuthenticateWhenPostChecksFails()
         $provider->authenticate($token);
     }
 
+    public function testAuthenticateSkipsUserChecksForAnonymousTokens()
+    {
+        $authenticator = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface')->getMock();
+        $authenticator->expects($this->once())
+            ->method('authenticateToken')
+            ->will($this->returnValue($token = new AnonymousToken('dummy', 'anon.')));
+
+        $this->assertSame($token, $this->getProvider($authenticator, null, new UserChecker())->authenticate($token));
+    }
+
     protected function getProvider($simpleAuthenticator = null, $userProvider = null, $userChecker = null, $key = 'test')
     {
         if (null === $userChecker) {