Followed Johannes advice to only break when the resulting token is not null.

src/Symfony/Component/Security/Core/Authentication/AuthenticationProviderManager.php

@@ -59,7 +59,9 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
 
             try {
                 $result = $provider->authenticate($token);
-                break;
+                if (null != $result) {
+                    break;
+                }
             } catch (AccountStatusException $e) {
                 $e->setExtraInformation($token);