[jboss-user] [Security & JAAS/JBoss] - Re: Combining SPNEGO with custom made authentication?
darran.lofthouse@jboss.com
do-not-reply at jboss.com
Wed Aug 6 09:00:36 EDT 2008
I am currently looking at the fall back scenarios when SPNEGO is not available for some reason - at the moment the Beta releases are an all or nothing approach so require SPNEGO to always work.
I am considering the possibility of NTLM authentication which can be the default fallback mechanism selected by the web browser if SPNEGO is unavailable.
I am also considering the options of falling back to other authentication mechanisms such as BASIC or FORM but there may be some issues as to detect a failure in SPNEGO authentication involves sending an error to the client.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169032#4169032
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169032
More information about the jboss-user
mailing list