The datasources and resource-adapters subsystems introduce hard requirements for the legacy security subsystem -------------------------------------------------------------------------------------------------------------- Key: WFLY-8323 URL: https://issues.jboss.org/browse/WFLY-8323 Project: WildFly Issue Type: Bug Components: JCA Reporter: Brian Stansberry Assignee: Brian Stansberry Priority: Critical There are code paths in the connector module that result in dependencies on services provided by the legacy security subsystem being added to ds and r-a services even though the ds or r-a config doesn't require the depended on services. This will force users to retain the legacy subsystem in their config even though it is otherwise unnecessary. The services are org.jboss.as.security.service.SubjectFactoryService and org.jboss.as.security.service.SimpleSecurityManagerService. Related to this, the configuration xml includes some 'elytron-enabled' attributes that appear to be redundant, since 'authentication-context' attributes indicate a need for elytron. I believe resolving the main subject of this JIRA may help clarify whether those attributes are adding value, since a fix will involve analysis of what scenarios indicate a requirement for the legacy security services and what do not. If all those cases can be identified without resorting to the user declaring 'elytron-enabled' that's a good sign that 'elytron-enabled' is not adding value.