Posted to users@tomcat.apache.org by Jingru Barr <ji...@yahoo.com.INVALID> on 2015/06/03 00:24:22 UTC

Configure Tomcat Manager-GUI to use SPNEGO authentication



Tomcat version: 7.0.62
Platform (OS): CentOS 6.6

Steps I performed:

1) Follow the document (http://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html) to configure Kerberos.
   - I use kinit to verify the keytab and service account and it shows:

        kinit -V -k -t server.keytab HTTP/ServiceAccountName.mycompany.com@mycompany.com
        Authenticated to Kerberos v5

2) Configure server.xml to use Active Directory for JNDI.
   Add the following to server.xml between Engine and Realm:

        <Realm className="org.apache.catalina.realm.JNDIRealm"
               connectionURL="ldap://ADServerName:3268"
               authentication="simple"
               referrals="follow"
               connectionName="ServiceAccountName@mycompany.com"
               connectionPassword="ServiceAccountpassword"
               userSearch="(&amp;(objectCategory=person)(sAMAccountName={0}))"
               userBase="dc=mycompany,dc=com"
               userSubtree="true"
               roleSearch="(member={0})"
               roleName="cn"
               roleSubtree="true"
               roleBase="dc=mycompany,dc=com" />

3) Modify web.xml to change authentication:

        <login-config>
          <auth-method>SPNEGO</auth-method>
          <realm-name>Manager GUI</realm-name>
        </login-config>

        <!-- Security roles referenced by this web application -->
        <security-role>
          <role-name>IIAG_HER_Everyone</role-name>   (this is the AD group name)
        </security-role>

The result is that it is still not able to authenticate. Based on the log, I don't see Tomcat trying to authenticate using Kerberos. Please advise further.