In fact that's what I ended up doing and it worked fine in JBoss 4.02. But in
4.04 and 4.05, I was getting 'No role found' error from
'JBossSecurityMgrRealm'. And, I fixed that one by using a
* in the applicaitons 'web.xml'. It works for me as I am
not authenitcating against any domains. The ap
And, I noticed the following in the logs when I enabled TRACE on
JBossSecurityMgrRealm.
2006-11-26 13:33:49,515 TRACE
[org.jboss.security.plugins.JaasSecurityManager.SPNEGO] Login failure
javax.security.auth.login.LoginException: Error getting roles:
jcifs.smb.SmbAuthException: Access is denied
I followed the instructions from
http://wiki.jboss.org/wiki/Wiki.jsp?page=NegotiateKerberos (using JBoss 4.02)
and it appears that the SPNEGO/NTLM handshaking and getting the principal from
token seems to be working fine. I can also see that the 'login()' method of
'NegotiateLoginModule' is ret