This mode of operation effectively disables the agent filter. When operating in this mode, the agent filter allows all requests to pass through. However, if the logging is enabled, the agent filter will still log all the requests that it intercepts.
This mode is provided to facilitate development and testing efforts in a controlled development or test environment. Do not to use this mode of operation in a production environment at any time.
Although this mode disables the agent filter from taking any action on the incoming requests other than logging, it has no effect on the agent realm, which might be configured in your deployment container and might get invoked by the deployed application if the deployed application has J2EE security policies in its descriptors or uses programmatic security. With the agent filter disabled, these applications will fail to evaluate the J2EE security policies correctly and as a result the deployed application may malfunction.
To create a situation functionally equivalent to not having the agent in your system at all, set the filter mode to NONE and complete the task described in Removing the Agent Authenticator From BEA WebLogic Server 9.0/9.1.
When the agent filter is operating in this mode, any declarative J2EE security policy or programmatic J2EE security API calls will return a negative result regardless of the user.