Actual Behavior

The Sulu SecuritySubscriber throws an error when the user is not an instance of Sulu\Component\Security\Authentication\UserInterface. As far as I can tell, this prevents one from using a custom user provider on a secured route (where the site has tokenStorage).

I our case, this prevents us from using the Symfony LDAP component to authenticate users to the web front end.

Expected Behavior

SecuritySubscriber should return null instead of throw an exception when the user does not implement the Sulu UserInterface.

https://github.com/sulu/sulu/blob/develop/src/Sulu/Bundle/DocumentManagerBundle/Document/Subscriber/SecuritySubscriber.php#L70