Elytron, Can't access application secured with SPNEGO fallbacking to FORM ------------------------------------------------------------------------- Key: WFCORE-2481 URL: https://issues.jboss.org/browse/WFCORE-2481 Project: WildFly Core Issue Type: Bug Components: Security Reporter: Martin Choma Assignee: Darran Lofthouse Priority: Blocker When accessing application configured with SPNEGO + FORM fallback, then user get 404 on first http GET. {code} [mchoma@localhost ~]$ curl -v http://localhost.localdomain:8080/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/pr... * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to localhost.localdomain (127.0.0.1) port 8080 (#0) > GET /be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/protected/SimpleSecuredServlet HTTP/1.1 > User-Agent: curl/7.37.0 > Host: localhost.localdomain:8080 > Accept: */* > < HTTP/1.1 404 Not Found < Expires: 0 < Cache-Control: no-cache, no-store, must-revalidate < X-Powered-By: Undertow/1 < Set-Cookie: JSESSIONID=0O3kk4WJTVuH0XuWriO_d_M6HMCb83Ri7UZmtUU0.localhost; path=/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5 * Server JBoss-EAP/7 is not blacklisted < Server: JBoss-EAP/7 < Pragma: no-cache < Date: Fri, 03 Mar 2017 09:15:41 GMT < Connection: keep-alive < WWW-Authenticate: Negotiate < Content-Type: text/html;charset=UTF-8 < Content-Length: 149 < * Connection #0 to host localhost.localdomain left intact <html><head><title>Error</title></head><body>/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/protected/http:/localhost.localdomain:8080/login.jsp</body></html>[mchoma@localhost ~]$ {code} Changing in web.xml {{<auth-method>SPNEGO,FORM</auth-method>}} to {{<auth-method>SPNEGO</auth-method>}} makes SPNEGO work again.