Kerberos extension: avoiding reauthentication in SpnegoAuthenticationProcessingFilter

I am using the Spring Security Kerberos extension (which btw was easy to setup and use, thank you!). One problem I ran into is that every request gets re-authenticated in SpnegoAuthenticationProcessingFilter. I am new to Kerberos, so I was wondering if there is a technical reason for this, or if it's something that can be addressed? Can the filter safely just skip authentication if the SecurityContextHolder has an authenticated, non-anonymous token?

For basic and digest authentication, this ticket was logged and fixed (only for basic auth though): https://jira.springsource.org/browse/SEC-53

Thank you,
Nikita

I just saw this commit which addresses this: http://git.springsource.org/spring-s...cf325e88ccfddb

Nikita