Is anyone else still using EJBs? We have migrated a legacy EJB from WebSphere to Wildfly successfully but disabling CSIv2 at Wildfly side causes problems. According to documentation all security should be disabled on IIOP service with the following configuration:

<subsystem xmlns="urn:jboss:domain:iiop-openjdk:2.1">

    <orb socket-binding="iiop"/>

    <initializers security="none"/>

</subsystem>

However, setting security to "none" causes the application deployment to fail:

Caused by: org.omg.CORBA.PolicyError: There is no PolicyFactory Registered for type -2023406815

at com.sun.corba.se.impl.interceptors.PIHandlerImpl.create_policy(PIHandlerImpl.java:955)

at com.sun.corba.se.impl.orb.ORBImpl.create_policy(ORBImpl.java:1611)

at org.jboss.as.ejb3.iiop.EjbIIOPService.start(EjbIIOPService.java:299)

... 8 more

Tested with Wildfly versions from 12 to 16 and JRE versions 8, 10 and 11 with the same result.