symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
Lines changed: 2 additions & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Http/Firewall/ContextListener.php
Lines changed: 6 additions & 2 deletions b/‎src/Symfony/Component/Security/Http/Firewall/ContextListener.php
Lines changed: 6 additions & 2 deletions
diff --git a/‎src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php
Lines changed: 8 additions & 0 deletions b/‎src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php
Lines changed: 8 additions & 0 deletions
@@ -41,7 +41,8 @@
             <argument type="collection" />
             <argument /> <!-- Provider Key -->
             <argument type="service" id="logger" on-invalid="null" />
-            <argument type="service" id="event_dispatcher" on-invalid="null"/>
+            <argument type="service" id="event_dispatcher" on-invalid="null" />
+            <argument type="service" id="security.authentication.trust_resolver" />
         </service>
 
         <service id="security.logout_listener" class="Symfony\Component\Security\Http\Firewall\LogoutListener" public="false" abstract="true">
 
@@ -15,6 +15,8 @@
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
 use Symfony\Component\HttpKernel\KernelEvents;
+use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
+use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
 use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -39,8 +41,9 @@ class ContextListener implements ListenerInterface
     private $userProviders;
     private $dispatcher;
     private $registered;
+    private $trustResolver;
 
-    public function __construct(TokenStorageInterface $tokenStorage, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
+    public function __construct(TokenStorageInterface $tokenStorage, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, AuthenticationTrustResolverInterface $trustResolver = null)
     {
         if (empty($contextKey)) {
             throw new \InvalidArgumentException('$contextKey must not be empty.');
@@ -58,6 +61,7 @@ public function __construct(TokenStorageInterface $tokenStorage, array $userProv
         $this->sessionKey = '_security_'.$contextKey;
         $this->logger = $logger;
         $this->dispatcher = $dispatcher;
+        $this->trustResolver = $trustResolver ?: new AuthenticationTrustResolver('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken', 'Symfony\Component\Security\Core\Authentication\Token\RememberMeToken');
     }
 
     /**
@@ -121,7 +125,7 @@ public function onKernelResponse(FilterResponseEvent $event)
         $request = $event->getRequest();
         $session = $request->getSession();
 
-        if ((null === $token = $this->tokenStorage->getToken()) || ($token instanceof AnonymousToken)) {
+        if ((null === $token = $this->tokenStorage->getToken()) || ($this->trustResolver->isAnonymous($token))) {
             if ($request->hasPreviousSession()) {
                 $session->remove($this->sessionKey);
             }
 
@@ -18,6 +18,7 @@
 use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\HttpKernel\KernelEvents;
+use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Http\Firewall\ContextListener;
@@ -85,6 +86,13 @@ public function testOnKernelResponseWillRemoveSession()
         $this->assertFalse($session->has('_security_session'));
     }
 
+    public function testOnKernelResponseWillRemoveSessionOnAnonymousToken()
+    {
+        $session = $this->runSessionOnKernelResponse(new AnonymousToken('secret', 'anon.'), 'C:10:"serialized"');
+
+        $this->assertFalse($session->has('_security_session'));
+    }
+
     public function testOnKernelResponseWithoutSession()
     {
         $tokenStorage = new TokenStorage();