[jboss-jira] [JBoss JIRA] (SECURITY-722) SPNEGO-fallback-to-FORM authentication does not work with httpd+JBossEAP6 if SPNEGO not available

SPNEGO-fallback-to-FORM authentication does not work with httpd+JBossEAP6 if SPNEGO not available ------------------------------------------------------------------------------------------------- Key: SECURITY-722 URL: https://issues.jboss.org/browse/SECURITY-722 Project: PicketBox Issue Type: Bug Security Level: Public(Everyone can see) Components: Negotiation Affects Versions: Negotiation_2_2_1 Environment: RHEL6, JBoss EAP 6 Reporter: flame liu Assignee: Derek Horton Fix For: Negotiation_2_2_8, Negotiation_2_3_0_CR2 I configured SPNEGO in EAP6. It works well both with EAP only and EAP6 + Apache httpd(mod_proxy). Users just run kinit and will be able to be successfully authenticated. After that, I added the fallback-to-form files/configurations both in the web app and standalone-full.xml. The fallback-to-form works only if httpd stops. If httpd starts, 401 error will always be thrown out.