I think it is now time to start removing the *-elytron.xml
configurations from the feature packs, these were added so we could
start to get Elytron enabled in isolation. As more and more is
integrated it makes less sense to keep the isolation, and if anything it
is starting to make things harder such as testing.
The default configuration I have planned is for components to be updated
to reference Elytron and for the Elytron configuration to be closely
aligned with the existing default configuration, i.e. Digest
authentication, backed by properties file and local authentication.
We did think if we should enable stronger authentication immediately but
that will break the existing clients already out there, if we do this in
stages the clients should have had a chance to be updated to Elytron so
when we do switch to stronger authentication by default the clients will
So step 1, I will move the Elytron extension and subsystem definition(s)
into the existing configurations we ship and remove the *-elytron.xml
We will then incrementally update resources that reference security
services to reference Elytron capabilities.