I'm having trouble understanding the function of this filter. I consulted the reference material (http://acegisecurity.org/docbook/acegi.html) and i contains this explanation;

Code:
Particularly in the case of web request URI security, sometimes it is more 
convenient to assign configuration attributes against every possible secure 
object invocation. 
Put differently, sometimes it is nice to say ROLE_SOMETHING is required by 
default and only allow certain exceptions to this rule, such as for login, 
logout and home pages of an application.
The explanation above is not really making much sense to me. At the moment I'm running the acegi-sample-security-tutorial app. Anonymous authentication is present within this app. I dont understand how it fits in and what its supposed to be doing, from a user or developer point of view.