• Anton - Hi Andreas, that's a realy informativ article. That configuration will works on windows based systems which are members of the active directory domain. I have a question in reference to non windows clients, which are not member of the active directory domain. For instance linux oder MacOS clients are not able to contact the kdc, but the users have an user account in active directory. Is ist possible to configure a second authentication provider in the jboss configuration? use case: 1. MacOS user is calling a http site 2. using kerberos is not possible 3. user get a input mask for username + password 4. credentials will be checked against active directory Thank your for your help! Kind regards, Anton (23 Nov 2011)

• 6footplus - Hi Anton, once I managed to get the above working, I haven't worked with it since. But generally speaking it is possible to create an application policy for LDAP authentication (see JBoss's LdapExtLoginModule for more information) and to have more than one application policy. Not sure if it would work though, but certainly worth a try. (30 Nov 2011)