
![[8.5.5.5 or later]](../ng_v8555.gif)
This topic applies to WebSphere Application Server Liberty V8.5.5.9 and earlier. For the latest Liberty topics, see the WebSphere Application Server Liberty documentation.
Using Kerberos principal name for authorization with SPNEGO authentication
You can use the fully qualified Kerberos principal name for authorization instead of using simple mapping or creating your own custom JAAS custom login module.
About this task
The following steps should be rarely followed, and only by users who specifically choose not to use simple mapping, which is the default configuration, or choose not to add a JAAS custom login module to map the fully qualified Kerberos principal name to a user in the Liberty server user registry. This task allows you to use the fully qualified Kerberos principal name for authorization.