I found a forum post indicating that this value should work, in my hunt to make security work in WildFly. https://community.jboss.org/thread/229071
When you set the parameter ws-security.ut.validator in jaxws-endpoint-config.xml, the value that gets set is in fact the string value, e.g. com.mycompany.cxf.validators.MySpecialValidator
CXF is expecting that this is an instantiated instance of the class, not a classname. It results in a ClassCastException. You can see here for reference: http://cxf.apache.org/docs/ws-securitypolicy.html look under Validator implementations.
To work around this, you can register a custom InInterceptor and set the value in the message context. It's not ideal, but you could read the value from jaxws-endpoint-config.xml and instantiate that class, passing it back to the message context.