root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 18 Packages Projects Releases Wiki Activity

Merge branch '6.2.x'

This commit is contained in:
Josh Cummings 2024-02-05 11:35:42 -07:00
parent 35ab9c55c4 74d85c1e46
commit 4ef1e41d29
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/modules/ROOT/pages/servlet/authentication/anonymous.adoc
View File

@ -27,7 +27,7 @@ You can customize (or disable) it by using the `<anonymous>` element.
You need not configure the beans described here unless you are using traditional bean configuration. You need not configure the beans described here unless you are using traditional bean configuration.
Three classes work together to provide the anonymous authentication feature. Three classes work together to provide the anonymous authentication feature.
`AnonymousAuthenticationToken` is an implementation of `Authentication` and stores the `GrantedAuthority` instancesthat apply to the anonymous principal. `AnonymousAuthenticationToken` is an implementation of `Authentication` and stores the `GrantedAuthority` instances that apply to the anonymous principal.
There is a corresponding `AnonymousAuthenticationProvider`, which is chained into the `ProviderManager` so that `AnonymousAuthenticationToken` instances are accepted. There is a corresponding `AnonymousAuthenticationProvider`, which is chained into the `ProviderManager` so that `AnonymousAuthenticationToken` instances are accepted.
Finally, an `AnonymousAuthenticationFilter` is chained after the normal authentication mechanisms and automatically adds an `AnonymousAuthenticationToken` to the `SecurityContextHolder` if there is no existing `Authentication` held there. Finally, an `AnonymousAuthenticationFilter` is chained after the normal authentication mechanisms and automatically adds an `AnonymousAuthenticationToken` to the `SecurityContextHolder` if there is no existing `Authentication` held there.
The filter and authentication provider is defined as follows: The filter and authentication provider is defined as follows: