If a username is supplied in the environmental data used to establish a connection then the local authentication mechanism should be disabled.

This is because now that WildFly is going to be supporting access control the need to ensure clients are connected as a specific user is going to become more important.

If no username is supplied then the local authentication mechanism will remain in use as it is today.