Darran Lofthouse updated ELY-1373:
----------------------------------
Fix Version/s: 1.1.12.CR1
IBM JDK, SPNEGO + FORM; with invalid ticket 200 status code is returned
-----------------------------------------------------------------------
Key: ELY-1373
URL: https://issues.jboss.org/browse/ELY-1373
Project: WildFly Elytron
Issue Type: Bug
Components: Authentication Mechanisms
Affects Versions: 1.2.0.Beta3
Reporter: Jan Kalina
Assignee: Jan Kalina
Priority: Major
Fix For: 1.1.12.CR1, 1.2.0.Beta9
Given SPNEGO + FORM authentication configuration. And running on IBM Java.
When an invalid Kerberos ticket is sent
Then status code 200 is returned with the HTTP form.
While on Oracle JDK {{gssContext.isEstablished()}} returns true for an invalid client ticket (negotiate with wrong domain JBOSS.COM), so the SPNEGO mechanism sends a bare challenge after failed authorization, on IBM JDK it returns false immediately, so the mechanism fails without sending a challenge - to be consistent, it should be sent in both cases.
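
A regression check for the behaviour the issue asks for, as an added example (not Elytron code or part of its test suite): it classifies a server's reply to an invalid SPNEGO token by whether a bare `WWW-Authenticate: Negotiate` challenge is present. Both replies are constructed samples, and the 401 status in the first one is an assumption; the issue itself only states the 200 case.

```python
import re

# Matches a Negotiate challenge inside a WWW-Authenticate value, with an
# optional base64 GSS token after the scheme name.
_NEGOTIATE = re.compile(
    r"(?:^|,)\s*Negotiate(?:\s+([A-Za-z0-9+/=]+))?\s*(?=,|$)", re.I)

def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, [(name, value), ...])."""
    head = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(head[0].split()[1])
    headers = [tuple(p.strip() for p in line.split(":", 1))
               for line in head[1:] if ":" in line]
    return status, headers

def classify(raw):
    """Return (status, verdict) for a reply to an invalid SPNEGO token."""
    status, headers = parse_response(raw)
    tokens = [m.group(1)
              for name, value in headers if name.lower() == "www-authenticate"
              for m in _NEGOTIATE.finditer(value)]
    if not tokens:
        verdict = "missing-challenge"  # client is never asked to negotiate again
    elif any(t is None for t in tokens):
        verdict = "bare-challenge"     # "WWW-Authenticate: Negotiate", no token
    else:
        verdict = "token-challenge"    # server continued the GSS exchange
    return status, verdict

def inconsistent(replies):
    """Names of runtimes whose reply lacks the bare challenge."""
    return sorted(name for name, raw in replies.items()
                  if classify(raw)[1] != "bare-challenge")

# Constructed samples, not captured from a real server.
FORM = "<form action='j_security_check' method='post'></form>"
REPLIES = {
    "oracle": "HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: Negotiate\r\n"
              "Content-Type: text/html\r\n\r\n" + FORM,
    "ibm": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n" + FORM,
}

if __name__ == "__main__":
    for name, raw in REPLIES.items():
        print(name, classify(raw))
    print("missing bare challenge on:", inconsistent(REPLIES))
```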