A NoSec provider offers pass-through security for Unwired Server. In development environments, you can apply a NoSec security provider for authentication, authorization, and attribution modules. However, never use this provider in production environments — either for administration, or device user authentication.
The NoSecLoginModule class provides open authentication services, the NoSecAuthorizer class provides authorization services, and the NoSecAttributer provides attribution services. However, you need to configure only authentication properties for a NoSec provider.
| Property | Default Value | Description |
|---|---|---|
| useUsernameAsIdentity | true | If this option is set to true, the user name supplied in the callback is set as the name of the principal added to the subject. |
| identity | nosec_identity | The value of this configuration option is used as the identity of the user if either of these conditions is met:
|
| useFirstPass | false | If set to true, the login module attempts to retrieve only the user name and password from the shared context. It never calls the callback handler. |
| tryFirstPass | false | If set to true, the login module first attempts to retrieve the user name and password from the shared context before attempting the callback handler. |
| clearPass | false | If set to true, the login module clears the user name and password in the shared context when calling either commit or abort. |
| storePass | false | If set to true, the login module stores the user name and password in the shared context after successfully authenticating. |