Discussion from chat:

Brian Stansberry: @Farah Juma Should the elytron subsystem have a DUP that does this:

Brian Stansberry: https://github.com/wildfly/wildfly/blob/master/security/subsystem/src/main/java/org/jboss/as/security/deployment/SecurityDependencyProcessor.java#L68

Brian Stansberry: that module is a dep of the subsystem, so it is available

Brian Stansberry: background – Jean-Francois and I are checking through various Galleon layers use cases (hence the JSR375 thread) and it struck me that we shouldn't need legacy security anymore in ts/integration/elytron

Brian Stansberry: i.e. a PR like this should work:

Brian Stansberry: https://github.com/wildfly/wildfly/compare/master...bstansberry:elytron-no-legacy

Brian Stansberry: it mostly does, e.g. https://ci.wildfly.org/viewLog.html?buildId=164893&buildTypeId=WF_MasterLinuxJdk11

Brian Stansberry: that DynamicJaspiTestCase failure I'm guessing is because without the legacy security subsystem we have no DUP making the jaspi module available to the deployment

Farah Juma: @Brian Stansberry Ah, interesting. It seems like it would make sense for the Elytron subsystem to have a DUP that adds both that one and the JACC one

Brian Stansberry: yeah

Farah Juma: I can create a PR for that and then we can check with @Darran Lofthouse to make sure that's the right thing to do

Brian Stansberry: actually, that seems pretty critical, as the layers we want to support on OpenShift do not have the legacy security subsystem

Brian Stansberry: if you can do that i'd appreciate it very much

Farah Juma: sure