We authenticate using a JAAS configuration.
As we now started protecting pages (login-required="true" in pages.xml) it forces developers and testers to login all the time, wasting time.
I found the Identity.setSecurityEnabled(false) way of turning security off but I cannot get it to work. In all the examples I've it's invoked from a xunit testcase.
I'd like to turn security off in a jboss deployed application.
If can find a way to do that I could put the disable security flag in a configuration file outside the packaging (ear/war) and have it on or off depending on environment.
Any suggestions on how to do that?