tomcat has no support for spnego currently as its not one of the servlet spec auth methods. Do a search on google for java implementations and let us know if there are any.
It may be helpful:
We implemented such things by NTLM auth. in JCIFS. See jcifs.samba.org
thanks. Your implementation works fine. I have integrated it by adding a Authenticator implementation into JBoss. Add this authenticator into Authenticators.properties, so that NTLM could be configured in web.xml.
for the SPNEGO's java implementation.
I am sorry that I answer the post so late. I am busy for other thing.
... just to add a little more info on the subject of having SPNEGO GSSAPI support in JBoss.
Its based on the JBoss NTLM implementation, changed to do SPNEGO GSSAPI, with group support (stored in the PAC).
Good Day bifriis,
I read your introduction to getting fat clients to use SPNEGO/Kerberos to use SSO. I was wondering if you knew of a way to get this method to work with JBOSS J2EE server, especially when the fat/smart client is making calls on a session bean.
If the session bean implementation does not work, woul the Tomcat server housed in JBoss be able to use the SPNEGO token to authenticate the user when making webservice calls which ultimately make the session bean calls. In this scenario could we still use the default ejb authorization constructs in the ejb-jar.xml?
Mark P Ashworth