Use !isAuthenticated

It's more verbose to see if the user is not null and not anonymous

Issue gh-16385

web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java

@@ -345,7 +345,7 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe
 	}
 
 	private List<CredentialRecord> findCredentialRecords(Authentication authentication) {
-		if (authentication == null || this.trustResolver.isAnonymous(authentication)) {
+		if (!this.trustResolver.isAuthenticated(authentication)) {
 			return Collections.emptyList();
 		}
 		PublicKeyCredentialUserEntity userEntity = this.userEntities.findByUsername(authentication.getName());