Ive created a new Security manager for JBM 2.0. Instead of the security store talking direct to the Jboss AuthenticationManager it uses a new interface JBMSecurityManager. There are 2 implementations of this interface, JAASSecuritymanager, which basically does what the old security store does and delegates to the JAAS AuthenticationManager and a simple implementation that can be used for standalone or embedded purposes, or even with the App server if the user so wishes.
Ive also added a SecurityManager Deployer that will load users and roles from an xml file (jbm-security.xml) into the Simple SecurityManager.
The old tests still use a JAAS based Authentication, however any new style tests that create a MessagingServer dynamically will use the Simple one, because of this the simple SecurityManager automatically adds a guest user so the tests still pass.