I'm having trouble understanding the function of this filter. I consulted the reference material (http://acegisecurity.org/docbook/acegi.html) and i contains this explanation;
The explanation above is not really making much sense to me. At the moment I'm running the acegi-sample-security-tutorial app. Anonymous authentication is present within this app. I dont understand how it fits in and what its supposed to be doing, from a user or developer point of view.
Particularly in the case of web request URI security, sometimes it is more convenient to assign configuration attributes against every possible secure object invocation. Put differently, sometimes it is nice to say ROLE_SOMETHING is required by default and only allow certain exceptions to this rule, such as for login, logout and home pages of an application.