diff --git a/include/Swiften/Server/ServerFromClientSession.cpp b/include/Swiften/Server/ServerFromClientSession.cpp
index 1c8aa180b96ed73f24da618e2cbfe2c5c2933750..1b037306517f1afcb2601045194588f81e5e0d0e 100644
--- a/include/Swiften/Server/ServerFromClientSession.cpp
+++ b/include/Swiften/Server/ServerFromClientSession.cpp
@@ -54,16 +54,20 @@ ServerFromClientSession::~ServerFromClientSession() {
 void ServerFromClientSession::handlePasswordValid(const std::string &user) {
 	if (user != JID(user_, getLocalJID().getDomain()).toString())
 		return;
-	getXMPPLayer()->writeElement(boost::shared_ptr<AuthSuccess>(new AuthSuccess()));
-	authenticated_ = true;
-	getXMPPLayer()->resetParser();
+	if (!isInitialized()) {
+		getXMPPLayer()->writeElement(boost::shared_ptr<AuthSuccess>(new AuthSuccess()));
+		authenticated_ = true;
+		getXMPPLayer()->resetParser();
+	}
 }
 
 void ServerFromClientSession::handlePasswordInvalid(const std::string &user) {
 	if (user != JID(user_, getLocalJID().getDomain()).toString() || authenticated_)
 		return;
-	getXMPPLayer()->writeElement(boost::shared_ptr<AuthFailure>(new AuthFailure));
-	finishSession(AuthenticationFailedError);
+	if (!isInitialized()) {
+		getXMPPLayer()->writeElement(boost::shared_ptr<AuthFailure>(new AuthFailure));
+		finishSession(AuthenticationFailedError);
+	}
 }
 
 void ServerFromClientSession::handleElement(boost::shared_ptr<Element> element) {