[jboss-user] [Security & JAAS/JBoss] - Negotiation: browser do not reply to http 401 with www-authe
neoben
do-not-reply at jboss.com
Wed Mar 11 19:14:50 EDT 2009
hello,
I have a few question about spnego and jboss:
1. My app is deployed on the domain TEST.NET and accessible via the url http://myapp.test00.net. I configured everything correctly so that jboss-negociation works ok.
My app is accessible outside of the domain via the url http://10.10.10.10:80. In this case, the server will send the classic challenge but the browser will refuse to reply and will just display a useless Http 401 and the associated jboss default html page. In this case, I want to display a form... I understand that it is not going to be possible...unless i can change the default http 401 default html (without using the error page mapping in the web.xml) as it will instead result in a http 302. Is it possible jboss experts?
2. the jboss negotiation project do not seem to work when there is a proxy between the server and the browser. am i correct?
3. It only supports kerberosv5 through the negotiation process (no fallback, no ntlm v1 or v2, no nothing...). What about the java 1.6 native spnego support or the patched jcifs project? Is there such thing as a complete spnego implementation?
Any answer highly appreciated.
Thanks
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4217210#4217210
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4217210
More information about the jboss-user
mailing list