Index: forgon-core/src/main/java/com/forgon/directory/acegi/tools/AcegiHelper.java
===================================================================
diff -u -r14169 -r16535
--- forgon-core/src/main/java/com/forgon/directory/acegi/tools/AcegiHelper.java	(.../AcegiHelper.java)	(revision 14169)
+++ forgon-core/src/main/java/com/forgon/directory/acegi/tools/AcegiHelper.java	(.../AcegiHelper.java)	(revision 16535)
@@ -6,8 +6,10 @@
 import java.util.List;
 import java.util.Set;
 
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.session.SessionInformation;
 import org.springframework.security.core.session.SessionRegistry;
@@ -61,20 +63,27 @@
 
 		LoginUserData loginUserData = getPDALoginUserData();
 		if(loginUserData == null){
-			if (auth != null) {
+			if (auth == null) {
+				// 构建匿名用户对象
+				Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+
+					authorities.add(new SimpleGrantedAuthority(
+							"ROLE_ANONYMOUS") );
 				
-				Object obj = auth.getPrincipal();
+				auth = (Authentication)new AnonymousAuthenticationToken("anonymousUser", "anonymousUser", authorities);				
+			}
 			
-				loginUserData = getUserByPrincipal(obj);
-				
-				String userIP = "";
-				Object details = auth.getDetails();
-				if (details instanceof WebAuthenticationDetails){
-					WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;
-					userIP = webDetails.getRemoteAddress();
-				}
-				loginUserData.setUserIP(userIP);
+			Object obj = auth.getPrincipal();
+			
+			loginUserData = getUserByPrincipal(obj);
+			
+			String userIP = "";
+			Object details = auth.getDetails();
+			if (details instanceof WebAuthenticationDetails){
+				WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;
+				userIP = webDetails.getRemoteAddress();
 			}
+			loginUserData.setUserIP(userIP);
 		}
 		
 		return loginUserData;