server instances cannot find keytab during domain startup --------------------------------------------------------- Key: WFCORE-1495 URL: https://issues.jboss.org/browse/WFCORE-1495 Project: WildFly Core Issue Type: Bug Components: Domain Management, Security Reporter: Derek Horton Assignee: Brian Stansberry In domain mode, the server instances cannot find the keytab if the ApplicationRealm is configured to use kerberos as the server-identity: {code} <security-realm name="ApplicationRealm"> <server-identities> <kerberos> <keytab principal="remote/imahost.imadomain.net@VM29" path="/path/to/keytab"/> </kerberos> </server-identities> <authentication> <kerberos remove-realm="true"/> </authentication> <authorization> <properties path="application-roles.properties" relative-to="jboss.domain.config.dir"/> </authorization> </security-realm> {code} This results in the following error and the server instances fail to start: [Server:server-one] 15:10:35,360 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("validate-authentication") failed - address: ([ [Server:server-one] ("core-service" => "management"), [Server:server-one] ("security-realm" => "ApplicationRealm") [Server:server-one] ]) - failure description: "WFLYDM0094: Kerberos is enabled for authentication on security realm 'ApplicationRealm' but no Keytab has been added to the server-identity." [Server:server-one] 15:10:35,376 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.