Make jabber:iq:auth (XEP-0078) optional
Non-SASL authentication (XEP-0078) is an old and obsolete mechanism for authentication. Openfires support for this protocol should no longer be enabled by default.
In those environments that depend on it, there aught to be a way to enable non-SASL authentication.
I've moved the existing code in a new plugin.