I am raising this immediately as a Blocker as the changes made for WFCORE-307 effectively prevent us from referencing Elytron supplied capabilities to secure the management interfaces.

https://github.com/wildfly/wildfly-core/commit/13d8f51b79c8b976ec7a5489c94f0e8a8bda998d

I think at this point it would be easier to revert WFCORE-307 and re-evaluate.

To provide consistency we have all been working along the path where Elytron can be configured using a subsystem and used in all modes of the server, this was even a big motivation for Kabir's work bringing subsystems to host controllers.

We could take the view that only subsystems can depend on subsystems but I think we would quickly reach the point where we discuss moving management into a subsystem which would immediately obsolete the changes for WFCORE-307 - this move is something that has been talked about a number of times already.

This will need discussion but as an alternative idea for the original issue reported in WFCORE-307, how about adding the ability to flag a select few capabilities as crtitical / core and those will always cause a failure in this first boot if their requirements are not satisfied.

Also I think WFCORE-307 may only be a partial solution, if we are really saying the server can only run if it is manageable there is still the possibility that at stage RUNTIME the services will fail to start.