SupaCoco

Reputation: 1665

Symfony2 custom authentication : user logged but not authenticated

I've been working on a custom authentication system with Symfony 2.1. After a lot of battling with Symfony, I've got something that's working, but not fully...

Problem: After the login (through a form), the user is logged in but not authenticated.

Context: Since users have to submit their credentials through an HTML form, I had to create a listener that extends AbstractAuthenticationListener.

Question: Shouldn't the listener automatically add the token to the SecurityContext? If this is not the case, should I do that manually?

Process:

1. User submits his credentials through an HTML form.
2. Listener intercepts the request and runs attemptAuthentication.
3. Listener calls AuthenticationManager's (implements AuthenticationProviderInterface) authenticate method.
4. AuthenticationManager calls the UserProvider (implements UserProviderInterface) to retrieve the user's data from my webservice.
5. UserProvider returns a User class implementing UserInterface.
6. AuthenticationManager creates a Token implementing TokenInterface.
7. AuthenticationManager returns the token to the listener.
8. Listener's attemptAuthentication returns the token from AuthenticationManager's authenticate method.
9. User is logged in but not authenticated.

I haven't shown code samples to avoid overloading the post. If needed I'll edit the post.

Upvotes: 3

Views: 2421

Answers (1)

SupaCoco

Reputation: 1665

I found my mistake...

Once logged in, the AuthenticationSuccessHandler redirects the user to the URL I want. This action triggers a refreshUser from the UserProvider.

This function was hard-coded with a test user different than the user I was logged in with. Once the function returns a user equal to the one stored in the token, the problem is solved.

Upvotes: 2
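
The fix described in the answer above, as an added example that is not the poster's code: a user provider whose refreshUser reloads the same account that is stored in the token instead of returning a fixed test user. The namespace, WebserviceUser, WebserviceClient and its fetchUser() method are hypothetical stand-ins for the webservice mentioned in the question.

```php
<?php
// Added example. WebserviceUser, WebserviceClient and fetchUser() are
// hypothetical names; only the Symfony interfaces and exceptions are real.

namespace Acme\SecurityBundle\Security;

use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;

class WebserviceUserProvider implements UserProviderInterface
{
    private $client; // hypothetical webservice client

    public function __construct(WebserviceClient $client)
    {
        $this->client = $client;
    }

    public function loadUserByUsername($username)
    {
        // Assumption: fetchUser() returns an array of user data, or null if unknown.
        $data = $this->client->fetchUser($username);
        if (null === $data) {
            throw new UsernameNotFoundException(sprintf('User "%s" not found.', $username));
        }

        return new WebserviceUser($data['username'], $data['password'], $data['salt'], $data['roles']);
    }

    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof WebserviceUser) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
        }

        // Reload the SAME account that the token carries. A hard-coded test
        // user here would not match the token's user after the redirect.
        return $this->loadUserByUsername($user->getUsername());
    }

    public function supportsClass($class)
    {
        return $class === 'Acme\SecurityBundle\Security\WebserviceUser';
    }
}
```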
