[JBWS-4251] changes for wfly-15598-usernametokenprofile

[rsearls]

This PR replaces #179. Added changes were needed to address the removal of picketbox from wfly. And on code change to resolve the test failure.

[jimma]

@rsearls As Alessio said in this comment: #204 (review), we usually put this security implementation in WFLY webservice integration layer in https://github.com/wildfly/wildfly/blob/main/webservices/server-integration/src/main/java/org/jboss/as/webservices/security/ElytronSecurityDomainContextImpl.java . Then we don't need to introduce elytron dependency in jbossws-cxf and we can still delegate this security check to WFLY integration.

[rsearls]

This PR has a dependency on jbossws-spi (PR jbossws/jbossws-spi#14) required an API
change in order to not reference elytron code. And wildfly
https://issues.redhat.com/browse/WFLY-16473 Replacement, WebServices
UsernameToken profile integration with Elytron
PR wildfly/wildfly#15630

The jbossws-spi must be merged 1st so that wfly can resolve its reference.
Next wfly must be merged before tests will pass in jbossws-cxf

jbossws-cxf implements the jbossws-spi API change
but it also contains some required groovy script updates as well as property files