Application Server Fails to Connect to Host Controller when JBOSS-LOCAL-USER Mechanism is Removed from Elytron Config in JBoss EAP 7.

Solution Verified - Updated -


  • The application server fails to start with:

    Caused by: Authentication failed: all available authentication mechanisms failed:
    DIGEST-MD5: DIGEST-MD5: Server rejected authentication
        Suppressed: DIGEST-MD5: Server rejected authentication
  • Where can I / Is there a way to specify an authentication-factory for a server to connect to the host controller?

  • Does this mean that management-sasl-authentication must specify JBOSS-LOCAL-USER?


  • Red Hat JBoss Enterprise Application Platform( EAP)
    • 7.1 or later
  • Elytron
  • http-authentication-factory authentication on management-interface
  • Disabled/Removed local authentication / JBOSS-LOCAL-USER on sasl-authentication-factory
  • Managed Domain Mode

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In