From 468021be6cd31ac3af8b2aa9704fcf76c298df5c Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Thu, 9 Sep 2021 15:57:22 +0100
Subject: [PATCH 01/12] [WFLY-15199] Add initial analysis for the removal of
 the legacy security subsystem.

---
 ...5199_Remove_Legacy_Security_Subsystem.adoc | 123 ++++++++++++++++++
 1 file changed, 123 insertions(+)
 create mode 100644 security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
new file mode 100644
index 000000000..e7b6497ca
--- /dev/null
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -0,0 +1,123 @@
+= [WFLY-15199] Remove legacy the security subystsem from the feature packs and convert to a skeleton,
+:author:            Darran Lofthouse
+:email:             darran.lofthouse@redhat.com
+:toc:               left
+:icons:             font
+:idprefix:
+:idseparator:       -
+
+== Overview
+
+During the development of WildFly 11 a new security solution using WildFly Elytron was integrated
+into WildFly in parallel with the legacy security solution based on PicketBox.  This enhancement 
+is to complete the activities to de-activate the legacy security subsystem and remove it from the
+default configurations and Galleon feature packs.
+
+== Issue Metadata
+
+=== Issue
+
+* https://issues.redhat.com/browse/WFLY-15199[WFLY-15199]
+
+=== Related Issues
+
+* 
+
+=== Dev Contacts
+
+* mailto:{email}[{author}]
+
+=== QE Contacts
+
+=== Testing By
+// Put an x in the relevant field to indicate if testing will be done by Engineering or QE. 
+// Discuss with QE during the Kickoff state to decide this
+* [ ] Engineering
+
+* [ ] QE
+
+=== Affected Projects or Components
+
+=== Other Interested Projects
+
+=== Relevant Installation Types
+// Remove the x next to the relevant field if the feature in question is not relevant
+// to that kind of WildFly installation
+* [x] Traditional standalone server (unzipped or provisioned by Galleon)
+
+* [x] Managed domain
+
+* [x] OpenShift s2i
+
+* [x] Bootable jar
+
+== Requirements
+
+=== Hard Requirements
+
+The `security` subsystem will be converted to a skeleton subsystem, this will mean that it can
+be used in domain mode to manage older servers but it can not be used for runtime configuration in
+WildFly 25 or later.
+
+All feature packs will be updated to remove the legacy security subsystem and any references to
+it's capabilities.
+
+The following subsystems will require additional configuration to default to WildFly Elytron
+security:
+
+ * ejb2
+ * iiop-openjdk
+ * messaging-activemq
+ * undertow
+
+=== Nice-to-Have Requirements
+
+=== Non-Requirements
+
+//== Implementation Plan
+////
+Delete if not needed. The intent is if you have a complex feature which can 
+not be delivered all in one go to suggest the strategy. If your feature falls 
+into this category, please mention the Release Coordinators on the pull 
+request so they are aware.
+////
+== Test Plan
+
+The following table identifies the tests in WildFly Core and WildFly affected by the removal.
+
+.Test Case Updates
+|===
+|Test Case |Action
+
+|
+|
+
+
+
+.Action Key
+|===
+|Action | Description
+
+|Ignored
+|Ignored to revisit.
+
+|Removed
+|Test case removed entirely.
+
+|Reduced
+|Removed vault specific testing from case.
+
+|Tweaked
+|Minor changes needed for vault removal.
+|===
+
+== Community Documentation
+
+After the removal is merged a full pass through the community documentation will be required to
+remove references to legacy security.
+
+== Release Note Content
+
+The legacy security subsystem has now been disabled for use at runtime and has been removed from
+the default configurations we ship and removed from the Galleon feature packs.  Users should 
+define their security resources within the `elytron` subsystem.

From ca22c218ce0c5adc30ee398cf6e866defe2d2b7e Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Thu, 9 Sep 2021 16:48:10 +0100
Subject: [PATCH 02/12] [WFLT-15199] Add the affected "web" test cases.

---
 ...5199_Remove_Legacy_Security_Subsystem.adoc | 36 ++++++++++++++++---
 1 file changed, 31 insertions(+), 5 deletions(-)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index e7b6497ca..46deeb541 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -89,9 +89,38 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |===
 |Test Case |Action
 
+|org.jboss.as.test.integration.web.security.WebSecuritySimpleRoleMappingSecurityManagerTestCase
+|Removed
+
+|org.jboss.as.test.integration.web.security.digest.WebSecurityDIGESTTestCase
+|Converted
+
+|org.jboss.as.test.integration.web.security.external.WebSecurityExternalAuthTestCase
+|Converted
+
+|org.jboss.as.test.integration.web.security.form.WebSecuritySimpleRoleMappingTestCase
+|Removed
+
+|org.jboss.as.test.integration.web.security.jaspi.WebSecurityJaspiTestCase
+|Removed
+
+|org.jboss.as.test.integration.web.security.jaspi.WebSecurityJaspiWithFailingAuthModuleTestCase
+|Removed
+
+|
+|Removed
+
 |
+|Removed
+
 |
+|Removed
 
+|
+|Removed
+
+|
+|Removed
 
 
 .Action Key
@@ -104,11 +133,8 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |Removed
 |Test case removed entirely.
 
-|Reduced
-|Removed vault specific testing from case.
-
-|Tweaked
-|Minor changes needed for vault removal.
+|Converted
+|Converted to use Elytron security exclusively.
 |===
 
 == Community Documentation

From b4a0a13e8ec6e88ed3f2947b420ad01d79b94a58 Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Sat, 11 Sep 2021 12:52:44 +0100
Subject: [PATCH 03/12] [WFLY-15199] Further test cases added.

---
 ...5199_Remove_Legacy_Security_Subsystem.adoc | 123 ++++++++++++++++++
 1 file changed, 123 insertions(+)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index 46deeb541..067186b5c 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -107,6 +107,129 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.test.integration.web.security.jaspi.WebSecurityJaspiWithFailingAuthModuleTestCase
 |Removed
 
+|org.jboss.as.test.smoke.deployment.rar.tests.earpackage.EarPackagedDeploymentTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.smoke.deployment.rar.tests.multiactivation.MultipleActivationTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.smoke.deployment.rar.tests.afterresourcecreation.AfterResourceCreationDeploymentTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.smoke.deployment.rar.tests.configproperty.ConfigPropertyTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.smoke.deployment.rar.tests.raconnection.RaTestConnectionTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.rar.RarDeploymentTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.smoke.deployment.rar.tests.redeployment.ReDeploymentTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.smoke.mgmt.resourceadapter.ResourceAdapterOperationsUnitTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.smoke.deployment.rar.tests.multiobjectactivation.MultipleObjectActivationTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.smoke.deployment.rar.tests.multiobjectpartialactivation.MultipleObjectPartialActivationTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.ws.authentication.EJBEndpointAuthenticationTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15253[WFLY-15253]
+
+|org.jboss.as.test.integration.ws.authentication.EJBEndpointNoClassLevelSecurityAnnotationAuthenticationTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15253[WFLY-15253]
+
+|org.jboss.as.test.integration.ws.authentication.EJBEndpointSecuredWSDLAccessTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15253[WFLY-15253]
+
+|org.jboss.as.test.integration.ws.authentication.PojoEndpointAuthenticationTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15253[WFLY-15253]
+
+|org.jboss.as.test.integration.security.loginmodules.CustomLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.DatabaseLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.IdentityLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.LdapExtLikeAdvancedLdapLMTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.LdapExtLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.LdapExtPasswordCachingTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.LdapLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.MultipleCustomLoginModulesTest
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.RunAsLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.UsersRolesLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.jaas.JAASIdentityCachingTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.negotiation.SPNEGOLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.negotiation.AdvancedLdapLoginModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.auditing.CustomAuditProviderModuleTest
+|Removed
+
+|org.jboss.as.test.integration.web.security.runas.WebSecurityRunAsTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15261[WFLY-15261]
+
+|org.jboss.as.test.integration.web.security.servlet.methods.DenyUncoveredHttpMethodsTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15261[WFLY-15261]
+
+|org.jboss.as.test.integration.jca.security.WildFlyActivationRaWithSecurityDomainTestCase
+|Removed
+
+|org.jboss.as.test.integration.jca.security.DsWithSecurityDomainTestCase
+|Removed
+
+|org.jboss.as.test.integration.jca.security.WildFlyActivationRaWithMixedSecurityTestCase
+|Removed
+
+|org.jboss.as.test.integration.jca.security.DsWithMixedSecurityTestCase
+|Removed
+
+|org.jboss.as.test.integration.jca.security.workmanager.WildFlyActivationRaWithWMSecurityDomainWorkManagerTestCase
+|Removed
+
+|org.jboss.as.test.integration.ejb.security.callerprincipal.GetCallerPrincipalWithNoDefaultSecurityDomainTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15262[WFLY-15262]
+
+|org.jboss.as.test.integration.ejb.security.RunAsPrincipalCustomDomainTestCase
+|Removed
+
+|org.jboss.as.test.integration.jca.security.IronJacamarActivationRaWithSecurityDomainTestCase
+|Removed
+
+|org.jboss.as.test.integration.jca.security.WildFlyActivationRaWithElytronAuthContextTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.management.api.security.SecurityDomainTestCase
+|Removed
+
+|org.jboss.as.test.integration.management.api.security.SecurityDomainDotNameTestCase
+|Removed
+
 |
 |Removed
 

From e80e06480fd7863cef041bb880f13bd294fd377f Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Tue, 14 Sep 2021 15:58:33 +0100
Subject: [PATCH 04/12] [WFLY-15199] Additional tests ignored or removed due to
 legacy security removal.

---
 ...5199_Remove_Legacy_Security_Subsystem.adoc | 174 +++++++++++++++++-
 1 file changed, 169 insertions(+), 5 deletions(-)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index 067186b5c..f9e16c1e4 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -230,21 +230,185 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.test.integration.management.api.security.SecurityDomainDotNameTestCase
 |Removed
 
-|
+|org.jboss.as.test.integration.security.aselytron.SecurityDomainAsElytronSecurityRealmTestCase
 |Removed
 
-|
+|org.jboss.as.test.integration.security.cli.JsseTestCase
 |Removed
 
-|
+|org.jboss.as.test.integration.jca.anno.NoRaAnnoTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.anno.RaAnnoTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.basic.BasicDeployment10TestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.basic.BasicDeployment15TestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.basic.BasicDeployment16TestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.basic.BasicDeployment17TestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.basic.BasicDoubleDeployment16TestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.basic.BasicDoubleDeploymentFail16_1TestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.basic.BasicDoubleDeploymentFail16_2TestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.security.auditing.SecurityAuditingTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15263[WFLY-15263]
+
+|org.jboss.as.test.integration.security.jaspi.EESecurityAuthMechanismMultiConstraintsTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15264[WFLY-15264]
+
+|org.jboss.as.test.integration.security.jaspi.EESecurityAuthMechanismTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15264[WFLY-15264]
+
+|org.jboss.as.test.integration.security.jaspi.JASPIHttpSchemeServerAuthModelTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.jaspi.JaspiFormAuthTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.xacml.EjbXACMLAuthorizationModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.xacml.JBossPDPInteroperabilityTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.xacml.JBossPDPServletInitializationTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.xacml.WebXACMLAuthorizationModuleTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.loginmodules.databases.ExternalDatabaseLoginTestCase
+|Removed
+
+|org.jboss.as.test.integration.security.context.ReuseAuthenticatedSubjectTestCase
+|Removed
+
+|org.wildfly.test.elytron.intermediate.SecurityDomainContextRealmTestCase
+|Removed
+
+|org.wildfly.test.elytron.intermediate.X509SecurityDomainContextRealmTestCase
+|Removed
+
+|org.jboss.as.test.integration.jca.capacitypolicies.ResourceAdapterCapacityPoliciesTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.ijdeployment.IronJacamarDeploymentTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.ijdeployment.IronJacamarDoubleDeploymentTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.metrics.RaCfgMetricUnitTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.poolattributes.ResourceAdapterPoolAttributesTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.statistics.ResourceAdapterStatisticsTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.BasicFlatTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.BasicJarTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.MultiActivationFlatTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.MultiActivationJarTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.MultiObjectActivationFlatTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.MultiObjectActivationJarTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.PartialObjectActivationFlatTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.PartialObjectActivationJarTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.PureFlatTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.PureJarTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.TwoModulesFlatTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.TwoModulesJarTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.TwoModulesOfDifferentTypeTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.TwoRaFlatTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.jboss.as.test.integration.jca.moduledeployment.TwoRaJarTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
+
+|org.wildfly.test.integration.vdx.standalone.MessagingTestCase.testWrongOrderOfElements
+|Ignored https://issues.redhat.com/browse/WFLY-15271[WFLY-15271]
+
+|org.jboss.as.test.iiop.security.IIOPSecurityInvocationTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15271[WFLY-15271]
+
+|org.jboss.as.test.xts.wsba.participantcompletion.client.BAParticipantCompletionTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
+
+|org.jboss.as.test.xts.wsat.client.ATTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
+
+|org.jboss.as.test.xts.suspend.wsat.AtomicTransactionSuspendTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
+
+|org.jboss.as.test.xts.annotation.client.TransactionalTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
+
+|org.jboss.as.test.xts.wsba.coordinatorcompletion.client.BACoordinatorCompletionTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
+
+|org.jboss.as.test.xts.annotation.client.CompensatableTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
+
+|org.jboss.as.test.txbridge.fromjta.BridgeFromJTATestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
+
+|org.jboss.as.test.xts.suspend.wsba.BusinessActivitySuspendTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
+
+|org.jboss.as.test.clustering.cluster.sso.ReplicatedSingleSignOnTestCase
 |Removed
 
-|
+|org.jboss.as.test.clustering.cluster.sso.remote.RemoteSingleSignOnTestCase
 |Removed
 
-|
+|org.wildfly.test.manual.management.MPScriptTestCase.testFailure()
 |Removed
 
+|org.jboss.as.test.manualmode.security.SecuredDataSourceTestCase
+|Removed
+
+|org.jboss.as.testsuite.integration.secman.PBStaticMethodsTestCase
+|Removed
 
 .Action Key
 |===

From e2e9c603b22539bac325f127776f207a673c4d6b Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Tue, 14 Sep 2021 18:56:56 +0100
Subject: [PATCH 05/12] [WFLY-15199] Removed web services tests as they have
 been converted.

---
 .../WFLY-15199_Remove_Legacy_Security_Subsystem.adoc | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index f9e16c1e4..9e2314841 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -137,18 +137,6 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.test.smoke.deployment.rar.tests.multiobjectpartialactivation.MultipleObjectPartialActivationTestCase
 |Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
 
-|org.jboss.as.test.integration.ws.authentication.EJBEndpointAuthenticationTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15253[WFLY-15253]
-
-|org.jboss.as.test.integration.ws.authentication.EJBEndpointNoClassLevelSecurityAnnotationAuthenticationTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15253[WFLY-15253]
-
-|org.jboss.as.test.integration.ws.authentication.EJBEndpointSecuredWSDLAccessTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15253[WFLY-15253]
-
-|org.jboss.as.test.integration.ws.authentication.PojoEndpointAuthenticationTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15253[WFLY-15253]
-
 |org.jboss.as.test.integration.security.loginmodules.CustomLoginModuleTestCase
 |Removed
 

From b452af1a3d9ca607a1219268961c31307f344ecd Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Wed, 15 Sep 2021 09:59:00 +0100
Subject: [PATCH 06/12] [WFLY-15199] Remove XTS tests from the list as these
 have been fixed.

---
 ...5199_Remove_Legacy_Security_Subsystem.adoc | 24 -------------------
 1 file changed, 24 deletions(-)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index 9e2314841..1e122ea9c 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -359,30 +359,6 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.test.iiop.security.IIOPSecurityInvocationTestCase
 |Ignored https://issues.redhat.com/browse/WFLY-15271[WFLY-15271]
 
-|org.jboss.as.test.xts.wsba.participantcompletion.client.BAParticipantCompletionTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
-
-|org.jboss.as.test.xts.wsat.client.ATTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
-
-|org.jboss.as.test.xts.suspend.wsat.AtomicTransactionSuspendTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
-
-|org.jboss.as.test.xts.annotation.client.TransactionalTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
-
-|org.jboss.as.test.xts.wsba.coordinatorcompletion.client.BACoordinatorCompletionTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
-
-|org.jboss.as.test.xts.annotation.client.CompensatableTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
-
-|org.jboss.as.test.txbridge.fromjta.BridgeFromJTATestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
-
-|org.jboss.as.test.xts.suspend.wsba.BusinessActivitySuspendTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15275[WFLY-15275]
-
 |org.jboss.as.test.clustering.cluster.sso.ReplicatedSingleSignOnTestCase
 |Removed
 

From 62b51924182d027829b3c821e3d11f8688d29273 Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Thu, 16 Sep 2021 11:10:33 +0100
Subject: [PATCH 07/12] [WFLY-15199] Remove JCA tests as these have been
 activated.

---
 ...5199_Remove_Legacy_Security_Subsystem.adoc | 123 ------------------
 1 file changed, 123 deletions(-)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index 1e122ea9c..13121113f 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -107,36 +107,6 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.test.integration.web.security.jaspi.WebSecurityJaspiWithFailingAuthModuleTestCase
 |Removed
 
-|org.jboss.as.test.smoke.deployment.rar.tests.earpackage.EarPackagedDeploymentTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.smoke.deployment.rar.tests.multiactivation.MultipleActivationTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.smoke.deployment.rar.tests.afterresourcecreation.AfterResourceCreationDeploymentTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.smoke.deployment.rar.tests.configproperty.ConfigPropertyTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.smoke.deployment.rar.tests.raconnection.RaTestConnectionTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.rar.RarDeploymentTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.smoke.deployment.rar.tests.redeployment.ReDeploymentTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.smoke.mgmt.resourceadapter.ResourceAdapterOperationsUnitTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.smoke.deployment.rar.tests.multiobjectactivation.MultipleObjectActivationTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.smoke.deployment.rar.tests.multiobjectpartialactivation.MultipleObjectPartialActivationTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
 |org.jboss.as.test.integration.security.loginmodules.CustomLoginModuleTestCase
 |Removed
 
@@ -209,9 +179,6 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.test.integration.jca.security.IronJacamarActivationRaWithSecurityDomainTestCase
 |Removed
 
-|org.jboss.as.test.integration.jca.security.WildFlyActivationRaWithElytronAuthContextTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
 |org.jboss.as.test.integration.management.api.security.SecurityDomainTestCase
 |Removed
 
@@ -224,33 +191,6 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.test.integration.security.cli.JsseTestCase
 |Removed
 
-|org.jboss.as.test.integration.jca.anno.NoRaAnnoTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.anno.RaAnnoTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.basic.BasicDeployment10TestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.basic.BasicDeployment15TestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.basic.BasicDeployment16TestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.basic.BasicDeployment17TestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.basic.BasicDoubleDeployment16TestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.basic.BasicDoubleDeploymentFail16_1TestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.basic.BasicDoubleDeploymentFail16_2TestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
 |org.jboss.as.test.integration.security.auditing.SecurityAuditingTestCase
 |Ignored https://issues.redhat.com/browse/WFLY-15263[WFLY-15263]
 
@@ -290,69 +230,6 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.wildfly.test.elytron.intermediate.X509SecurityDomainContextRealmTestCase
 |Removed
 
-|org.jboss.as.test.integration.jca.capacitypolicies.ResourceAdapterCapacityPoliciesTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.ijdeployment.IronJacamarDeploymentTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.ijdeployment.IronJacamarDoubleDeploymentTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.metrics.RaCfgMetricUnitTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.poolattributes.ResourceAdapterPoolAttributesTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.statistics.ResourceAdapterStatisticsTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.BasicFlatTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.BasicJarTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.MultiActivationFlatTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.MultiActivationJarTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.MultiObjectActivationFlatTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.MultiObjectActivationJarTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.PartialObjectActivationFlatTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.PartialObjectActivationJarTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.PureFlatTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.PureJarTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.TwoModulesFlatTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.TwoModulesJarTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.TwoModulesOfDifferentTypeTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.TwoRaFlatTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
-|org.jboss.as.test.integration.jca.moduledeployment.TwoRaJarTestCase
-|Ignored https://issues.redhat.com/browse/WFLY-15249[WFLY-15249]
-
 |org.wildfly.test.integration.vdx.standalone.MessagingTestCase.testWrongOrderOfElements
 |Ignored https://issues.redhat.com/browse/WFLY-15271[WFLY-15271]
 

From 9a4998909596355ee3c34aa273758f6e79710fe1 Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Thu, 16 Sep 2021 11:19:31 +0100
Subject: [PATCH 08/12] [WFLY-15199] / [WFLY-15301] Update the issue links.

---
 security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index 13121113f..2ead631a3 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -17,11 +17,12 @@ default configurations and Galleon feature packs.
 
 === Issue
 
-* https://issues.redhat.com/browse/WFLY-15199[WFLY-15199]
+* https://issues.redhat.com/browse/WFLY-15199[WFLY-15199 - Remove legacy security configuration from all feature packs.]
+* https://issues.redhat.com/browse/WFLY-15301[WFLY-15301 - Convert the legacy security subsystem to a model only subsystem.]
 
 === Related Issues
 
-* 
+* https://issues.redhat.com/browse/EAP7-1094[EAP7-1094]
 
 === Dev Contacts
 

From 8963532b72cef2988bd4a7c8624a12946e9166b4 Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Sat, 25 Sep 2021 17:07:37 +0100
Subject: [PATCH 09/12] [WFLY-15314] Removing test specifically for JBoss
 Negotiation.

---
 security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index 2ead631a3..ee1ba18a6 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -252,6 +252,9 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.testsuite.integration.secman.PBStaticMethodsTestCase
 |Removed
 
+|org.jboss.as.test.clustering.cluster.web.ReplicationForNegotiationAuthenticatorTestCase
+|Removed
+
 .Action Key
 |===
 |Action | Description

From a74d6b6d286260281f0ee05503189c5a67b7b04e Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Sat, 25 Sep 2021 18:05:43 +0100
Subject: [PATCH 10/12] [WFLY-15301] Remove test for runtime testing of legacy
 security.

---
 security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index ee1ba18a6..6eb78b16c 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -255,6 +255,9 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.test.clustering.cluster.web.ReplicationForNegotiationAuthenticatorTestCase
 |Removed
 
+|org.jboss.as.security.service.SimpleSecurityServiceManagerMockTest
+|Removed
+
 .Action Key
 |===
 |Action | Description

From f0761715a839684398c94b82be6fc080892b50be Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Wed, 24 Nov 2021 08:57:37 +0000
Subject: [PATCH 11/12] [WFLY-15199] Add PolicyContextTestCase to ignored
 tests.

---
 security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index 6eb78b16c..3037a6892 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -258,6 +258,9 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 |org.jboss.as.security.service.SimpleSecurityServiceManagerMockTest
 |Removed
 
+|org.jboss.as.test.integration.security.jacc.context.PolicyContextTestCase
+|Ignored https://issues.redhat.com/browse/WFLY-15740[WFLY-15740]
+
 .Action Key
 |===
 |Action | Description

From a4574bdc667d65e475ae55c707b2f2b5b20a325a Mon Sep 17 00:00:00 2001
From: Darran Lofthouse <darran.lofthouse@jboss.com>
Date: Wed, 22 Feb 2023 18:19:20 +0000
Subject: [PATCH 12/12] [WFLY-15199] Further changes following review
 discussion.

---
 security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
index 3037a6892..7d59175e1 100644
--- a/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
+++ b/security/WFLY-15199_Remove_Legacy_Security_Subsystem.adoc
@@ -66,10 +66,14 @@ it's capabilities.
 The following subsystems will require additional configuration to default to WildFly Elytron
 security:
 
- * ejb2
+ * ejb3
  * iiop-openjdk
  * messaging-activemq
  * undertow
+ 
+For all subsystems that use a reference to a legacy security resource, these will remain usable in 
+`Stage.MODEL`  but will be flagged as deprecated. Where they are used in `Stage.RUNTIME` they 
+will result in an `OperationFailedException` as they can only be used on older hosts.
 
 === Nice-to-Have Requirements
 
@@ -260,6 +264,7 @@ The following table identifies the tests in WildFly Core and WildFly affected by
 
 |org.jboss.as.test.integration.security.jacc.context.PolicyContextTestCase
 |Ignored https://issues.redhat.com/browse/WFLY-15740[WFLY-15740]
+|===
 
 .Action Key
 |===