We would like to enable negotiation (SPNEGO) for desktop based clients (using IE, firefox, etc) but bypass it when blackberry clients hit a servlet.
The blackberry authentication mechanism we use is implemented as a servlet, so the request needs to be able to get past the Vavle based SPNEGO module to get invoked. How can spnego be enabled/disabled based on request header parameters? What other approaches are there to accomplish this?
For anyone interested - we came to the conclusion that the best approach is to subclass the jboss security NegotiationAuthenticator.