If a jacc-policy is configured in the policy=* resource, a service is installed using the JACC_POLICY_RUNTIME_CAPABILITY, but that capability is never registered with the capability registry.

The capability is recorded in https://github.com/wildfly/wildfly-capabilities/blob/master/org/wildfly/security/jacc-policy/capability.adoc as non-private, so it should be registered. (Note that the capability.adoc incorrectly describes this as a dynamic cap.

In WildFly full, the ejb3 and undertow subsystems are using the org.wildfly.security.jacc-policy capability name to look up services, but they too are not recording their requirement for the cap. That's a separate bug, but it can't be fixed until this one is.