diff --git a/src/Symfony/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php b/src/Symfony/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php
index 17443b967cc86..c67e586fc76a4 100644
--- a/src/Symfony/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php
@@ -68,7 +68,10 @@ public function authenticate(TokenInterface $token)
 
         $this->accountChecker->checkPostAuth($user);
 
-        return new PreAuthenticatedToken($user, $token->getCredentials(), $this->providerKey, $user->getRoles());
+        $authenticatedToken = new PreAuthenticatedToken($user, $token->getCredentials(), $this->providerKey, $user->getRoles());
+        $authenticatedToken->setAttributes($token->getAttributes());
+
+        return $authenticatedToken;
     }
 
     /**
diff --git a/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php b/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
index 6947de3d4ffde..d59a3862b2712 100644
--- a/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
@@ -70,7 +70,10 @@ public function authenticate(TokenInterface $token)
             $this->checkAuthentication($user, $token);
             $this->accountChecker->checkPostAuth($user);
 
-            return new UsernamePasswordToken($user, $token->getCredentials(), $this->providerKey, $user->getRoles());
+            $authenticatedToken = new UsernamePasswordToken($user, $token->getCredentials(), $this->providerKey, $user->getRoles());
+            $authenticatedToken->setAttributes($token->getAttributes());
+
+            return $authenticatedToken;
         } catch (UsernameNotFoundException $notFound) {
             if ($this->hideUserNotFoundExceptions) {
                 throw new BadCredentialsException('Bad credentials', 0, $notFound);
diff --git a/tests/Symfony/Tests/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php b/tests/Symfony/Tests/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php
index 0ffbe85c35cc9..ca2a459e5f5cf 100644
--- a/tests/Symfony/Tests/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php
+++ b/tests/Symfony/Tests/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php
@@ -60,6 +60,7 @@ public function testAuthenticate()
         $this->assertEquals('pass', $token->getCredentials());
         $this->assertEquals('key', $token->getProviderKey());
         $this->assertEquals(array(), $token->getRoles());
+        $this->assertEquals(array('foo' => 'bar'), $token->getAttributes(), '->authenticate() copies token attributes');
         $this->assertSame($user, $token->getUser());
     }
 
@@ -103,6 +104,8 @@ protected function getSupportedToken($user = false, $credentials = false)
             ->will($this->returnValue('key'))
         ;
 
+        $token->setAttributes(array('foo' => 'bar'));
+
         return $token;
     }
 
diff --git a/tests/Symfony/Tests/Component/Security/Core/Authentication/Provider/UserAuthenticationProviderTest.php b/tests/Symfony/Tests/Component/Security/Core/Authentication/Provider/UserAuthenticationProviderTest.php
index 5c72920a32578..2f6fcc7053c25 100644
--- a/tests/Symfony/Tests/Component/Security/Core/Authentication/Provider/UserAuthenticationProviderTest.php
+++ b/tests/Symfony/Tests/Component/Security/Core/Authentication/Provider/UserAuthenticationProviderTest.php
@@ -157,6 +157,7 @@ public function testAuthenticate()
         $this->assertSame($user, $authToken->getUser());
         $this->assertEquals(array(new Role('ROLE_FOO')), $authToken->getRoles());
         $this->assertEquals('foo', $authToken->getCredentials());
+        $this->assertEquals(array('foo' => 'bar'), $authToken->getAttributes(), '->authenticate() copies token attributes');
     }
 
     protected function getSupportedToken()
@@ -168,6 +169,8 @@ protected function getSupportedToken()
             ->will($this->returnValue('key'))
         ;
 
+        $mock->setAttributes(array('foo' => 'bar'));
+
         return $mock;
     }
 

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/85.diff" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/85.diff" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/85.diff" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/85.diff" target="_blank">pFad v4 Proxy</a></p></body>
</html>