Given a secured EJB which is using an Elytron security domain, a piece of code inside a deployment wants to call it (and needs to authenticate in order to do it).
Given that the old JAAS way with LoginContext is not supported with Elytron, I assume this should work with the new AuthenticationContext.

This code:

AuthenticationConfiguration common = AuthenticationConfiguration.EMPTY
                .useProviders(() -> new Provider[] {new WildFlyElytronProvider()});
AuthenticationConfiguration user1credentials = common.useName("user1").usePassword("pass1");
AuthenticationContext context = AuthenticationContext.empty().with(MatchRule.ALL, user1credentials);
context.run((PrivilegedExceptionAction<String>)() ->
                ((MyAwesomeEJB)new InitialContext().lookup("java:module/The-EJB-Name")).method());

This will not authenticate the user in order to be able to call a secured EJB. We were unable to find any documentation on this and it seems logical that this should work - there might be something we are missing, in which case I'm asking for advice how to make this work.