Non-SASL authentication was obsoleted a long time ago. Openfire should not enable it by default. This commit moves the related implementation from the core Openfire code into a plugin.