Index: src/main/java/com/xpn/xwiki/user/impl/xwiki/MyBasicAuthenticator.java
===================================================================
--- src/main/java/com/xpn/xwiki/user/impl/xwiki/MyBasicAuthenticator.java	(revision 16941)
+++ src/main/java/com/xpn/xwiki/user/impl/xwiki/MyBasicAuthenticator.java	(working copy)
@@ -84,14 +84,21 @@
     public static Principal checkLogin(SecurityRequestWrapper request,
         HttpServletResponse response, XWikiContext context) throws Exception
     {
-        // Always verify authentication
+    	// Retrieve principal in session
+    	Principal principal = request.getUserPrincipal();
+    	
+    	// If we have a principal, and we may avoid authentication, keep it
+    	if (principal != null && context.getWiki().ParamAsLong("xwiki.authentication.always", 0) == 0)
+    		return principal;
+
+    	// Always verify authentication
         String authorizationHeader = request.getHeader("Authorization");
         if (authorizationHeader != null) {
             String decoded = decodeBasicAuthorizationString(authorizationHeader);
             String username = convertUsername(parseUsername(decoded), context);
             String password = parsePassword(decoded);
 
-            Principal principal = authenticate(username, password, context);
+            principal = authenticate(username, password, context);
 
             if (principal != null) {
                 // login successful