Get kerberos authentication working again.

This revision requires internal changes to the application's web.xml and jboss-web.xml which is not ideal.

zanata-war/src/main/webapp-jboss/WEB-INF/jboss-deployment-structure.xml

@@ -16,6 +16,7 @@
           <module name="org.hibernate" />
           <module name="org.hibernate.validator" />
 <!--           <module name="org.jboss.as.jpa.hibernate" /> -->
+          <module name="org.jboss.security.negotiation" />
           <module name="org.slf4j" />
           <module name="org.zanata.settings" />
         </dependencies>

zanata-war/src/main/webapp-jboss/WEB-INF/jboss-web.xml

@@ -16,7 +16,11 @@ in case changes are required for production deployment (eg cfengine).
     </resource-ref>
  -->
 
-    <!--<security-domain>zanata</security-domain>-->
+    <security-domain>java:/jaas/SPNEGO</security-domain>
+    <valve>
+        <class-name>org.jboss.security.negotiation.NegotiationAuthenticator</class-name>
+    </valve>
+
 
 	<!-- This is where the webapp context root (eg /zanata or /) can be overridden: -->
     <!-- _context_root_ -->

zanata-war/src/main/webapp-jboss/WEB-INF/web.xml

@@ -6,7 +6,7 @@
 
 	<!-- sso security -->
 
-	<!-- Kerberos only (also configurable on JBOSS_HOME/server/<config>/deployers/jbossweb.deployer/web.xml)
+	<!-- Kerberos only (also configurable on JBOSS_HOME/server/<config>/deployers/jbossweb.deployer/web.xml)-->
 
 	<security-constraint>
 	    <web-resource-collection>
@@ -20,8 +20,10 @@
 	<login-config>
 	    <auth-method>SPNEGO</auth-method>
 	</login-config>
+    <security-role>
+        <role-name>*</role-name>
+    </security-role>
 
-	-->
 
 	<!-- RichFaces -->
 	<context-param>