On Fri, Sep 5, 2008 at 2:55 PM, Paul Lindner <[EMAIL PROTECTED]> wrote: > null doesn't always mean anonymous > > They are two different states. > > At hi5 our implementation of the SecurityToken does use the isAnonymous() > method to do the right thing in a different class structure. In our case we > instantiate the anonymous userId and have a id check inside of isAnonymous() > > Can we find a way to accomodate this?
Yeah, for sure. I may have been a bit fired up when I wrote that mail. I'm tired of security token thrashing (though I've been responsible for some of it. =) Can you expand a bit about the difference between "unauthenticated" and "anonymous", I don't understand the difference.
