Switched off Jwt header authentication by default

docs-web-common/src/main/java/com/sismics/util/filter/JwtBasedSecurityFilter.java

@@ -17,6 +17,7 @@ import jakarta.json.Json;
 import jakarta.json.JsonArray;
 import jakarta.json.JsonObject;
 import jakarta.json.JsonReader;
+import jakarta.servlet.FilterConfig;
 import jakarta.servlet.http.HttpServletRequest;
 import okhttp3.Request;
 import okhttp3.Response;
@@ -47,9 +48,22 @@ public class JwtBasedSecurityFilter extends SecurityFilter {
      * Name of the header used to store the authentication token.
      */
     public static final String HEADER_NAME = "Authorization";
+    /**
+     * True if this authentication method is enabled.
+     */
+    private boolean enabled;
+
+    @Override
+    public void init(FilterConfig filterConfig) {
+        enabled = Boolean.parseBoolean(filterConfig.getInitParameter("enabled"))
+                || Boolean.parseBoolean(System.getProperty("docs.jwt_authentication"));
+    }
 
     @Override
     protected User authenticate(final HttpServletRequest request) {
+        if (!enabled) {
+            return null;
+        }
         log.info("Jwt authentication started");
         User user = null;
         String token = extractAuthToken(request).replace("Bearer ", "");

docs-web/src/main/webapp/WEB-INF/web.xml

@@ -48,6 +48,10 @@
     <filter-name>jwtBasedSecurityFilter</filter-name>
     <filter-class>com.sismics.util.filter.JwtBasedSecurityFilter</filter-class>
     <async-supported>true</async-supported>
+    <init-param>
+      <param-name>enabled</param-name>
+      <param-value>false</param-value>
+    </init-param>
   </filter>
 
   <filter>