I'm extending the abstract class - so mention that. Also adding anonymous

weaverryan · weaverryan · commit 9e411fee438c · 2015-11-22T16:57:02.000-05:00
You probably want anonymous, because without it, if you return null so that
the listener does nothing, you'll get an exception from the AccessListener.
This article is written more where you don't *force* auth in the authenticator,
but then if a resource is protected, it of course requires it.
diff --git a/cookbook/security/guard-api-key.rst b/cookbook/security/guard-api-key.rst
@@ -20,8 +20,9 @@ A) Create the Guard Authenticator
 ---------------------------------
 
 Suppose you want to read an ``X-API-TOKEN`` header on each request and use
-that to authenticate the user. To do this, create a class that implements
-:class:`Symfony\\Component\\Security\\Guard\\\GuardAuthenticatorInterface`::
+that to authenticate the user. To do this, create a class that extends
+:class:`Symfony\\Component\\Security\\Guard\\AbstractGuardAuthenticator`
+(or which implements :class:`Symfony\\Component\\Security\\Guard\\GuardAuthenticatorInterface`)::
 
     // src/AppBundle/Security/TokenAuthenticator.php
     namespace AppBundle\Security;
@@ -199,6 +200,7 @@ and your new ``app.token_authenticator`` authenticator:
                     pattern: ^/
                     # set to false if you *do* want to store users in the session
                     stateless: true
+                    anonymous: true
                     guard:
                         authenticators:
                             - app.token_authenticator
@@ -218,6 +220,7 @@ and your new ``app.token_authenticator`` authenticator:
                 <firewall name="secured_area"
                     pattern="^/"
                     stateless="true"
+                    anonymous="true"
                 >
                     <guard>
                         <authenticator>apikey_authenticator</authenticator>
@@ -237,6 +240,7 @@ and your new ``app.token_authenticator`` authenticator:
                 'secured_area'       => array(
                     'pattern'        => '^/',
                     'stateless'      => true,
+                    'anonymous'      => true,
                     'simple_preauth' => array(
                         'authenticators'  => array(
                             'app.token_authenticator'
