diff --git a/src/main/java/org/wildfly/extension/elytron/SaslServerDefinitions.java b/src/main/java/org/wildfly/extension/elytron/SaslServerDefinitions.java
index 1b13f9d1..d917ccd6 100644
--- a/src/main/java/org/wildfly/extension/elytron/SaslServerDefinitions.java
+++ b/src/main/java/org/wildfly/extension/elytron/SaslServerDefinitions.java
@@ -32,6 +32,7 @@
 import static org.wildfly.extension.elytron.ElytronExtension.asStringIfDefined;
 import static org.wildfly.extension.elytron.ElytronExtension.getRequiredService;
 import static org.wildfly.extension.elytron.SecurityActions.doPrivileged;
+import static org.wildfly.extension.elytron._private.ElytronSubsystemMessages.ROOT_LOGGER;
 
 import java.security.PrivilegedExceptionAction;
 import java.security.Provider;
@@ -62,6 +63,7 @@
 import org.jboss.as.controller.SimpleResourceDefinition;
 import org.jboss.as.controller.capability.RuntimeCapability;
 import org.jboss.as.controller.operations.validation.EnumValidator;
+import org.jboss.as.controller.operations.validation.ObjectTypeValidator;
 import org.jboss.as.controller.registry.AttributeAccess;
 import org.jboss.as.controller.registry.ManagementResourceRegistration;
 import org.jboss.as.controller.registry.OperationEntry;
@@ -179,8 +181,26 @@ class SaslServerDefinitions {
 
     static final ObjectListAttributeDefinition CONFIGURED_FILTERS = new ObjectListAttributeDefinition.Builder(ElytronDescriptionConstants.FILTERS, CONFIGURED_FILTER)
         .setAllowNull(true)
+        .setValidator(new FiltersValidator())
         .build();
 
+    private static class FiltersValidator extends ObjectTypeValidator {
+
+        private FiltersValidator() {
+            super(true, PREDEFINED_FILTER, PATTERN_FILTER, ENABLING);
+        }
+
+        @Override
+        public void validateParameter(final String parameterName, final ModelNode value) throws OperationFailedException {
+            super.validateParameter(parameterName, value);
+
+            if (value.hasDefined(ElytronDescriptionConstants.PREDEFINED_FILTER)
+                    && value.hasDefined(ElytronDescriptionConstants.PATTERN_FILTER)) {
+                throw ROOT_LOGGER.invalidDefinition(ElytronDescriptionConstants.FILTERS);
+            }
+        }
+    }
+
     private static final AggregateComponentDefinition<SaslServerFactory> AGGREGATE_SASL_SERVER_FACTORY = AggregateComponentDefinition.create(SaslServerFactory.class,
             ElytronDescriptionConstants.AGGREGATE_SASL_SERVER_FACTORY, ElytronDescriptionConstants.SASL_SERVER_FACTORIES, SASL_SERVER_FACTORY_RUNTIME_CAPABILITY,
             (SaslServerFactory[] n) -> new AggregateSaslServerFactory(n));
diff --git a/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java b/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java
index 8e4dece7..af24caf4 100644
--- a/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java
+++ b/src/main/java/org/wildfly/extension/elytron/_private/ElytronSubsystemMessages.java
@@ -271,4 +271,7 @@ public interface ElytronSubsystemMessages extends BasicLogger {
 
     @Message(id = 1013, value = "Pattern [%s] requires a capture group")
     OperationFailedException patternRequiresCaptureGroup(final String pattern);
+
+    @Message(id = 1014, value = "Invalid [%s] definition.")
+    OperationFailedException invalidDefinition(final String property);
 }