3 Replies Latest reply on May 22, 2018 8:21 AM by Nagaraju Chitimilla

    Wildfly SPNEGO Authentication

    Michael Schiessl Newbie



      I am trying to migrate our projects from JBoss 6.1 to wildfly 8.2.


      We need SPNEGO Kerberos Authentication, which worked in JBoss 6.1.

      For Wildfly I followed instructions from http://de.slideshare.net/josef.cacek/dev-conf2013-ltkerberosas7, but it does not work.

      In web.xml I am using login-config SPNEGO, which is missing in that slides:







      I tried to define a ServletExtension for SPNEGO, which is recognized, but the Subject is null, which may be the reason it does not work:


      public class SpnegoFactory implements AuthenticationMechanismFactory {


          public AuthenticationMechanism create(String mechanismName, FormParserFactory formParserFactory, Map<String, String> properties) {

              GSSAPIServerSubjectFactory subjectFactory = new GSSAPIServerSubjectFactory() {


                  public Subject getSubjectForHost(String host) throws GeneralSecurityException {

                      try {

                          return (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");

                      } catch (PolicyContextException e) {



                      return null;



              return new GSSAPIAuthenticationMechanism(subjectFactory);



      Can anybody help me on this Problem?