I am writing a stash plugin and I would like to show a servlet which non-authenticated users can see (it might, for example, just show status of pull requests or something). I don't want to have to create a service account just for this. According to https://developer.atlassian.com/display/DOCS/Creating+an+Admin+Configuration+Form the user is redirected to a login page if not logged in before my code is reached. Is there an annotation or change to my atlassian-plugin.xml that can change this?

EDIT: clarification

No, I don't have any permission check done

anywhere, it is "built in". In the link I posted, atlassian writes:

Our web application first checks whether the user is logged in. If not, it redirects the user to the login page. We use the SAL User Manager feature to make sure that the current user is an administrator, so we need to add this dependency to our project file.

My code looks like this

atlassian-plugin.xml

<servlet key="buildSuccessReporting" name="Build Success Reporting Servlet" class="com.palantir.stash.stashbothelper.admin.BuildSuccessReportingServlet">
        <url-pattern>/stashbot/build-reporting/*</url-pattern>
    </servlet>

BuildSuccessReportingServlet.java

public class BuildSuccessReportingServlet extends HttpServlet {
    @Override
    public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {

        // SNIP - leaving out irrelevant logic here

        res.reset();
        res.setStatus(200);
        res.setContentType("text/plain;charset=UTF-8");
        Writer w = res.getWriter();
        w.append("output here");
        w.close();
    }
}

This works when logged in, but issues a 302 to /login when I am not authenticated. I want to change that.

Thanks!

-Carl