Set the JAAS Control Flag
The Java Authentication and Authorization Service (JAAS) Control
Flag
attribute assigned to each provider defines whether users must be
authenticated by that provider.
The default value for this attribute is "Optional," but for STA, Oracle
recommends setting it to "Sufficient" for each provider, including the
DefaultAuthenticator
.