[jboss-user] [Security & JAAS/JBoss] - Re: Combining SPNEGO with custom made authentication?

darran.lofthouse@jboss.com do-not-reply at jboss.com
Wed Aug 6 09:00:36 EDT 2008


I am currently looking at the fall back scenarios when SPNEGO is not available for some reason - at the moment the Beta releases are an all or nothing approach so require SPNEGO to always work.

I am considering the possibility of NTLM authentication which can be the default fallback mechanism selected by the web browser if SPNEGO is unavailable.  

I am also considering the options of falling back to other authentication mechanisms such as BASIC or FORM but there may be some issues as to detect a failure in SPNEGO authentication involves sending an error to the client.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169032#4169032

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169032



More information about the jboss-user mailing list