It is not possible to configure valve for management web console. If you want to use Kerberos authentication, you must add NegotiationAuthenticator valve to application's jboss-web.xml. Second option is to set up Global Valve( with NegotiationAuthenticator) in web subsystem, which is used for all deployed applications, but NOT for management web console. This request comes from Openshift team.
EAP 6's HTTP management interface does not use JBoss Web and JBoss Web notions are not applicable to its configuration. Please start a discussion of the underlying authentication requirements (not a proposal as to the solution) on wildfly-dev.org (the public upstream mailing list) or, if a public list is not allowed, on jbossas (the internal technical list for EAP.) It's quite possible that a solution to the fundamental problem OpenShift is facing may already be present or in the works.