diff --git a/core/src/main/java/hudson/model/Hudson.java b/core/src/main/java/hudson/model/Hudson.java
index 04311824c40d5fe35ffe55d66645d930489764d6..34280257800b15e657eba3a87a8b2c14a2b52839 100644
--- a/core/src/main/java/hudson/model/Hudson.java
+++ b/core/src/main/java/hudson/model/Hudson.java
@@ -63,6 +63,7 @@ import hudson.widgets.Widget;
 import net.sf.json.JSONObject;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.GrantedAuthorityImpl;
 import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
 import org.acegisecurity.context.SecurityContextHolder;
 import org.acegisecurity.ui.AbstractProcessingFilter;
@@ -1848,9 +1849,8 @@ public final class Hudson extends View implements ItemGroup<TopLevelItem>, Node,
         // that we have filters. Looking at the stack trace, Tomcat doesn't seem to
         // run the request through filters when this is the login request.
         // see http://www.nabble.com/Matrix-authorization-problem-tp14602081p14886312.html
-        if(a==null) {
-            a = new AnonymousAuthenticationToken("anonymous","anonymous",new GrantedAuthority[0]);
-        }
+        if(a==null)
+            a = new AnonymousAuthenticationToken("anonymous","anonymous",new GrantedAuthority[]{new GrantedAuthorityImpl("anonymous")});
         return a;
     }