Why is IWA not working for Firefox after upgrading to version 58?
Firefox v58+ now requires SPNEGO for silent authentication where as before this was an optional step.
Configuring Firefox (Windows & Mac)
To configure silent authentication in Firefox using network.negotiate-auth.allows-non-fqdn:
1 Open Firefox.
2 Type about:config as the target URL.
3Type neg in the Filter field.
4 Select network.negotiate-auth.allow-non-fqdn. If it is set to false, right-click and select Toggle. If it is already set to true, do not change it.
5 This is now a required step. Select and right click network.negotiate-auth.trusted-uris and select Modify. Enter a comma-separated list of the fully qualified domain name for each connector as string values, then click OK. For example, if you have two connectors —hosta.mycompany.com and hostb.mycompany.com— you click Modify, enter the following and click OK. hosta.mycompany.com,hostb.mycompany.com
The less-secure alternative would be to enter just the domain name. For example, you would click Modify, enter something like *.mycompany.com and click OK.
6 Close the about:config tab and close Firefox.
Note: For security reasons, be as restrictive as possible in specifying the comma-separated lists.