Red Hat Training

A Red Hat training course is available for Red Hat JBoss Enterprise Application Platform

19.9. Configure SPNEGO Fall Back to Form Authentication

Follow the procedure below to setup a SPNEGO fall back to form authentication. ⁠

Procedure 19.2. SPNEGO security with fall back to form authentication

  1. Set up SPNEGO

  2. Modify web.xml

    Add a login-config element to your application and setup the login and error pages in web.xml:
  3. Add web content

    Add references of login.html and error.html to web.xml. These files are added to web application archive to the place specified in form-login-config configuration. For more information refer Enable Form-based Authentication section in the Security Guide for JBoss EAP 6. A typical login.html looks like this:
            <title>Vault Form Authentication</title>
            <h1>Vault Login Page</h1>
            <form method="post" action="j_security_check">
                    <td><input type="text" name="j_username"></td>
                    <td><input type="password" name="j_password"></td>
                    <td colspan="2"><input type="submit"></td>


The fallback to FORM logic is only available in the case when no SPNEGO (or NTLM) tokens are present. As a result, a login form is not presented to the browser if the browser sends an NTLM token.