[jboss-jira] [JBoss JIRA] Commented: (SECURITY-448) Fallback to BASIC authenticator if authentication fails

[ https://jira.jboss.org/jira/browse/SECURITY-448?page=com.atlassian.jira.p... ] Jacob Orshalick commented on SECURITY-448: ------------------------------------------ For additional reference, the configuration elements are: For login-config.xml, <application-policy name="SPNEGO"> <authentication> <login-module code="org.jboss.security.negotiation.spnego.SPNEGOLoginModule" flag="optional"> <module-option name="password-stacking">useFirstPass</module-option> <module-option name="serverSecurityDomain">host</module-option> </login-module> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> <module-option name="password-stacking">useFirstPass</module-option> <module-option name="usersProperties">props/spnego-users.properties</module-option> <module-option name="rolesProperties">props/spnego-roles.properties</module-option> </login-module> </application-policy> where props/spnego-users.properties defines: jacob=orshalick and props/spnego-roles.properties defines: jacob=Users And for jboss-service.xml, <java:property> <java:key>SPNEGO</java:key> <java:value>org.jboss.security.negotiation.NegotiationWithBasicFallbackAuthenticator</java:value> </java:property> If you need anything further to test out the patch, please let me know. Thanks again! -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira