SPNEGO Authentication Provider impl used with CMIS 1.1.0

[krzysztoffzielin...@gmail.com]

I have Alfresco Core repository configured with SPNEGO authentication (Kerberos 
SSO).
I am writing a service that talks to it using Apache Chemistry opencmis library 
1.1.0. Cmis library requires me to provide custom authentication provider, but 
it drops the Authorisation header I am adding(DefaultHttpInvoker.invoke() 
line:129). So far I came up with following:

public class KerberosAuthProvider extends AbstractAuthenticationProvider {

@Override
public Map<String, List<String>> getHTTPHeaders(String url) {   
   try {        
             String authToken = ….  // generate token       
            Map<String, List<String>> headers = Maps.newHashMap();              
         
            headers.put("Authorization", Lists.newArrayList("Negotiate " + 
authToken));       
            return headers;   
    } catch    (Exception ex) {       
               throw new IllegalStateException("Couldn't get token", ex);    }}
      }

Alfresco responds with following:

No Proxy-Authorization Header is present.
No Authorization Header is present.

I will appreciate any suggestions.