Unauthenticated access differs from disabling authentication entirely in that it allows some resources to require authentication, while not requiring authentication for others. Fedora will accept unauthenticated requests and apply authorizations with the acl:agentClass of foaf:Agent (per the "Public Access (All Agents)" section of the SOLID WebAC spec). However, since authentication is presumed to be external to Fedora, the exact way you configure your repository to allow these requests will be dependent on the other features of your deployment (e.g., your application server, reverse proxy, etc.).
Future Plans
That being said, the Shiro architecture brings the possibility of bringing Shiro's authentication realms into Fedora's configuration. Long-term, this opens the door to allowing Fedora to control the presence or absence of authentication for individual resources.
