Updates to the SmallRye JWT integration to remove requirement for EE Security

At the moment activation of MP-JWT triggers the activation of EE Security and JASPIC, at it's core the MP-JWT specification is a simple header based authentication mechanism so we should be able to cut out the additional layers.

The main requirement will still be that the microprofile-jwt subsystem performs the same actions to detect the need to activate MP-JWT. 

The subsystem can likely make a HttpAuthenticationFactory available for use later.

A key point here is the mechanism will still need to be coming from the application for the relevant CDI integration.