I implemented the samples from jBoss Negotiation Authenticator 2.0.3.Beta1. It works but it authenticates my application to Active Directory using a generic account, the the end user account. So my goal is simple: automatically get the end user kerberos ticket from my corporate windows machine and using the browser (Internet Explorer OE6 and 7) have a transparent authentication to my web apps running on jBoss 4.2.3 as the end user. Of course if it fails, or if I logout properly, I need to have a basic auth form to enter manual credentials (user ID and MS AD password) View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4186323#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...