This plugin already does its own error handling, so we don't really need to let PAS catch other errors. This way, if an error occurs during getPortalSecurityCategoryMapping ( which calls ERP5Type_getSecurityCategoryMapping ) we don't have a successful authentication with no groups.