Darran Lofthouse created WFLY-13889: --------------------------------------- Summary: Ongoing review of modules depending on PicketBox Key: WFLY-13889 URL: https://issues.redhat.com/browse/WFLY-13889 Project: WildFly Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 22.0.0.Beta1 This follows up from WFLY-13679, ongoing work is needed to ensure PicketBox is not needed at all. The PicketBox module depends on APIs removed in Java 14 so we need to be able to eliminate it completely if legacy security it not being used. At the same time some subsystems are defaulting to legacy security with additional configuration being required to force configuration over to an Elytron configuration, in some cases this applies even if the underlying configuration is not using security at all such as JCA resource adaptors. We should be looking at what we can do to detect the presence of legacy security and now if not provisioned we should be able to default to Elytron based security. -- This message was sent by Atlassian Jira (v7.13.8#713008)