Separating security into a part that depends only on the JPA and into a

the tests that require a specific implementation.
Reason is that current JPA 2.0 implementations are not available on the
central maven repo so removing a dependency on them in the pom allows
the security stuff to be still published in the central maven repo.