Barend Garvelink (Migrated from SEC-1740) said:
I think chapter 10 of the reference manual, on Remember-Me Authentication, would be improved by adding a blurb mentioning the existence of org.springframework.security.access.vote.AuthenticatedVoter, which can be used to distinguish between remembered users and authenticated users in authz decisions. Starting from the page on Remember Me authentication and with no prior experience using Spring Security, I found this feature difficult to track down.
Comment From: rwinch
The preferred way to handle this is using the AuthenticationTrustResolver which is documented https://docs.spring.io/spring-security/site/docs/5.5.x/reference/html5/#anonymous-auth-trust-resolver