private AuthenticationRule convertConfToRule( final Config ruleConf ) {
final List<String> defaultIdentityManagersAndAuthMechanisms = Collections.singletonList("default");
final List<String> defaultExcludedPatterns = authConfig.getStringList("default-excluded-patterns");
final List<IdentityManager> identityManagers = getIdentityManagerFor( ruleConf, defaultIdentityManagersAndAuthMechanisms );
final List<AuthenticationMechanism> mechanisms = extractNeededMechanisms( ruleConf.getStringList("auth-mechanisms", defaultIdentityManagersAndAuthMechanisms) );
final List<String> excludedPatterns = ruleConf.getStringList("exclude-patterns", new ArrayList<>());
final boolean authenticationRequired = ruleConf.getBoolean( "authentication-required", true );
excludedPatterns.addAll( defaultExcludedPatterns );
return new AuthenticationRule(
ruleConf.getString( "pattern" ), identityManagers,
mechanisms, ruleConf.getStringList( "expected-roles", Collections.emptyList() ),
excludedPatterns, authenticationRequired );
}