diff --git a/docs/faq/src/docbook/faq.xml b/docs/faq/src/docbook/faq.xml
index e728c51581..a4d350c5b7 100644
--- a/docs/faq/src/docbook/faq.xml
+++ b/docs/faq/src/docbook/faq.xml
@@ -445,7 +445,16 @@
UserDetailsService which splits them up
and loads the appropriate user data for authentication.
-
+
+ How do I apply different intercept-url constraints where only the
+ fragment value of the requested URLs differs (e.g. /foo#bar and /foo#blah?
+
+ You can't do this, since the fragment is not transmitted from the browser to the server. The URLs above
+ are identical from the server's perspective. This is a common question from GWT users.
+
+
+
+
How do I access the user's IP Address (or other web-request data) in a UserDetailsService?
@@ -468,6 +477,20 @@
+
+ How do I access the HttpSession from a UserDetailsService?
+ You can't, since the UserDetailsService has no awareness of the
+ servlet API. If you want to store custom user data, then you should customize the UserDetails
+ object which is returned. This can then be accessed at any point, via the thread-local SecurityContextHolder.
+ A call to SecurityContextHolder.getContext().getAuthentication().getPrincipal() will return this custom
+ object.
+
+
+ If you really need to access the session, then it must be done by customizing the web tier.
+
+
+
+
How do I define the secured URLs within an application
dynamically?