Steps to reproduce:
1) create new Security Realm in standalone.xml:
<security-realm name="ManagementTestRealm">
<authentication>
<properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
</security-realm>

2) make http-interface using this realm:
<http-interface security-realm="ManagementTestRealm" http-upgrade-enabled="true">
<socket-binding http="management-http"/>
</http-interface>

3) start standalone server

4) run CLI with command ./jboss-cli.sh -c
You will ask for user and password for ManagementTestRealm but this realm is NOT used for native interface! It should still used ManagementRealm not ManagementTestRealm. If you add <local default-user="$local"/> to ManagementTestRealm Security Realm and run CLI again, it connect successfully. It looks like there is used http-interface instead of native-interface.