How do you add a custom authenticator in Wildfly? I used to do this in JBoss 4.2:

In <JBoss>\jboss-as\server\production\deploy\jboss-web.deployer\META-INF\jboss-service.xml, add the following in :

 <java:property>
      <java:key>MY-CUSTOM-AUTH</java:key>
      <java:value>com.test.MyCustomAuthenticator</java:value>
 </java:property>

In <JBoss>\jboss-as\server\production\deploy\jboss-portal-ha.sar\portal-server.war\WEB-INF\web.xml, modify :

...
 <login-config>
      <auth-method>MY-CUSTOM-AUTH</auth-method>
...

Wildfly does not have jboss-service.xml anymore.

I found the answer. We need to create an Undertow ServletExtension (io.undertow.servlet.ServletExtension) in the META-INF/services to register the authentication mechanism . My extension class looks like this:

public class NtlmServletExtension implements ServletExtension {
    @Override
    public void handleDeployment(DeploymentInfo deploymentInfo, ServletContext servletContext) {
        deploymentInfo.addAuthenticationMechanism("NTLM", new NtlmAuthenticationMechanism.Factory());
    }
}

Check this for more details: http://undertow.io/documentation/servlet/security.html

Here's a sample: https://github.com/dstraub/spnego-wildfly

You can now refer to this in your web.xml:

...
 <login-config>
      <auth-method>NTLM</auth-method>
...

In WildFly you have to use a security realm for that :

• https://docs.jboss.org/author/display/WFLY8/Security+Realms for reference.
• http://www.radcortez.com/custom-principal-and-loginmodule-for-wildfly/ as an example