REMJMX-65 is overzealous at disabling local authentication, if a username and credential is supplied in the environment then it does make sense to disable local authentication - however the availability of a callback handler is not a sufficient flag to also disable it.

In the case of the callback handler the user may still only want to be prompted if the other mechanisms fail.

This issue will remove the disabling of local authentication based on the presence of a callback handler and will instead add a configuration option that can be set on the environment.